Defending Yourself — and Your Computer — From WannaCry Ransomware

By Paul Ausick Updated Jan 12, 12:01PM EST · Published May 15, 9:05AM EDT

Follow 24/7 Wall St. on Google

This post may contain links from our sponsors and affiliates, and Flywheel Publishing may receive compensation for actions taken through them.

Defending Yourself — and Your Computer — From WannaCry Ransomware — © Thinkstock

[cnxvideo id=”655237″ placement=”ros”]Last Friday’s outbreak of the WannaCry ransomware infected hundreds of thousands of computers worldwide, including thousands at U.K. hospitals. The malware spread through phishing attacks, malicious emails and infected attachments, encrypting every file it can on a computer and then posting a landing page demanding a $300 ransom payment in Bitcoin in order for the files to be unlocked.

Authorities fear that new variations on the malware may begin spreading this week as more threat actors get their hands on the code and create new versions that behave differently but with the same effect.

The attacks exploit vulnerabilities in old Windows operating systems. If you are running Windows 10, your computer won’t be affected.

[nativounit]

According to ZDNet, Microsoft Corp. (NASDAQ: MSFT) issued a security patch in March that resolved the problem for machines running Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2 and Windows Server 2016. ZDNet has instructions on where to go to download these patches. If you haven’t already done so, get the appropriate patch installed immediately.

Microsoft also issued a security patch for older Windows operating systems that are no longer supported: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86 and Windows 8 x64 directly from Microsoft. Instructions on how to install this patch are also available at ZDNet.

The source of the malware is a somewhat contentious issue. Over the weekend, Microsoft President and Chief Legal Officer Brad Smith wrote on the company’s blog:

The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year. … [T]his attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.

The people behind the WannaCry attacks are believed to have received about $43,000 so far, but there is less certainty about the return of the encrypted data. If past ransomware attacks are any guide, chances are pretty high that the data is gone forever.

[wallst_email_signup]

About the Author Paul Ausick →

Paul Ausick has been writing for a673b.bigscoots-temp.com for more than a decade. He has written extensively on investing in the energy, defense, and technology sectors. In a previous life, he wrote technical documentation and managed a marketing communications group in Silicon Valley.

He has a bachelor's degree in English from the University of Chicago and now lives in Montana, where he fishes for trout in the summer and stays inside during the winter.