Well if you haven’t been living under a rock for the past few days you’ll have heard about the WannaCry Ransomware that has been used to successfully attack many systems, including the NHS IT system in the UK.
Ransomware is a particularly obnoxious method which uses a virus to lock down a system, either a computer or an entire network. They then deny the owner access to both their system and, often more critically, the data on their system. A demand is then issued to the owner seeking a ransom in exchange for the return of access. The demand usually specifies that the ransom is paid in bitcoin, or similar, as these methods are harder to track.
So this ransomware is well named as at this point the owner and their IT team will… well, they’ll wanna cry!
As you’ll see by reading this article, a researcher accidentally discovered a kill switch in the software. He discovered a domain which was mentioned in the code but which hadn’t been registered. He registered the domain which killed the software. However, as of yesterday 2 additional strains had appeared. One was disabled in the same way as the first, the second is ineffective as a result of an error in the code. These variants are expected to continue to surface, so it is crucial that you protect yourself as best you can from attack.
What to do?
- If you work on a supported version of Windows, update religiously.
If you work on an unsupported version of Windows you can update using the Update Catalog. You should update to a supported version of Windows if at all possible.
- Keep your antivirus software updated, they will be pushing out new updates to counteract new variants of the ransomware as they are pushed out. Keeping up to date gives you the best chance of staying safe.
- Be paranoid! Don’t open files, click links etc without double checking that they come from someone you know and are genuine.
- Back up EVERYTHING! Keep regular backups of all of your data. Keep it on eternal drives which are offline and as safe as possible from infection. This way if you do get infected you haven’t lost all of your data.
Could it affect my website?
Ransomware will only affect your website if you host your site on a system which is affected, either your computer/network or on a hosting server which is infected.
Either way, you should have regular backups of your site anyway which will allow you to get back up quickly if the worst happens. Backups are not just essential when there is a threat of attack, they should be an essential habit in the regular maintenace of your site. Most attacks don’t come with a warning and the reasons for a website to go down vary from hardware failure to incorrect configuration to hacker attacks.
How can we stop this?
Pass on information on this attack and how to defend against it. If people tighten up defences and close off this security vulnerability then it will become much more difficult for these criminals to successfully implement their ransomware in order to demand payments.
Keep an eye out for updates on the status of this attack and of the defence against it. Knowledge is power so keep informed on the best ways to stay safe.