Monday 15 May 2017

WannaCry Ransomware Attacks

What Exactly is this Virus?

It’s a ransomware attack that encrypts your files and demands bitcoin payments to unlock them. It spreads across networks using the SMB protocol so if a single unpatched PC or server is attacked your whole network can become infected, as happened to the NHS. It’s called WannaCry because…

Where did it come from?

Well this is embarrassing. The malware is based on the EternalBlue exploit developed by the NSA. Rather than protect their citizens by letting Microsoft et al know about this security hole, the NSA chose to exploit it to spy on people instead. Then they were hacked by a group called The Shadow Brokers and the hackers made the vulnerability public, which kind of makes them the good guys. Ironic really.

I’m infected – what should I do?

Switch off the infected computer(s) immediately. If necessary just yank out the power cable as every second it’s left on it will encrypt more files. Then it’s time to call in the experts who will clean the infected systems and restore any encrypted files from your backup. This is the bit where you are glad you invested in backup software.

Will it affect me?

Hopefully not - Microsoft also found this vulnerability on their own and released critical security update MS17-010 back on 14th March 2017. As long as your systems are up to date you should be safe. For older systems (Windows XP, Windows Server 2003 R2), Microsoft released special patches. The NHS has been hard hit because they use out of date operating systems (including Windows XP!)

Does it affect Macs?
Not at present but new variants are appearing all the time, so don’t get complacent. Apply operating system updates!

How to I check for updates?

Check For and Install Updates in Windows 10:
In Windows 10, Windows Update is found within Settings.

First, tap or click on the Start menu, followed by Settings. Once there, choose Update & security, followed by Windows Update on the left.

Check for new Windows 10 updates by tapping or clicking on the Check for updates button.

In Windows 10, downloading and installing updates is automatic and will happen immediately after checking or, with some updates, at a time when you're not using your computer.

Check For and Install Updates on a Mac:
Open the App Store app on your Mac, then click Updates in the toolbar. If updates are available, click the Update buttons to download and install them

The Mac App Store shows updates for Mac, not updates for iPhone, iPad, or iPod touch. If you don't have the App Store on your Mac, get updates by choosing Software Update from the Apple menu.

If you don't see an expected Mac update:
Install any updates that are available, then check for updates again. Some updates appear only after installing other updates, and some updates are part of other updates. For example, updates for Safari don't appear, because you get them as part of macOS updates.

Use the Search field in the toolbar to search for the app that you want to update.

Click Purchased in the toolbar to see which apps you got from Mac App Store. If you got an app from somewhere else, check with the maker of the app for updates.

If you're using OS X Snow Leopard or Lion, get OS X updates by choosing Software Update from the Apple menu. Get app updates from the Mac App Store.

Check For and Install Updates in Windows 8, 7 and Vista:
In Windows 8, Windows 7, and Windows Vista, the best way to access Windows Update is via the Control Panel.
In these versions of Windows, Windows Update is included as an applet in Control Panel, complete with configuration options, update history, and lots more.

Just open Control Panel and then choose Windows Update.

Tap or click Check for updates to check for new, uninstalled updates. Installation sometimes happens automatically or may need to be done by you via the Install updates button, depending on what version of Windows you're using and how you have Windows Update configured.

Check For and Install Updates in Windows XP, 2000, ME and 98:
In Windows XP and previous versions of Windows, Windows Update is available as a service hosted on Microsoft's Windows Update website.

Similar to the Control Panel applet and Windows Update tool in newer versions of Windows, available Windows updates are listed, alongside a few simple configuration options.

Checking for, and installing, uninstalled updates is as easy as clicking those respective links and buttons on the Windows Update website.

Important: Microsoft no longer supports Windows XP, nor versions of Windows that preceded it. While they have issued a specific patch for this attack this really is a wakeup call for you to upgrade!