A worldwide WannaCry (also known as WannaCrypt) ransomware attack that wreaked havoc in U.K. hospitals and Russian telecom networks, could resurface today as workers return to the office, experts have warned.
Ransomware has been a looming threat for a while, last Friday’s attack was the most severe to date, combining worm-like deployment that enabled the infection to spread rapidly from computer to computer. More than 200,000 computers have been affected so far.
Microsoft Corporation (NASDAQ:MSFT) said the attack should be treated around the world as a “wake-up call”, saying software vulnerabilities hoarded by governments have caused “widespread damage”.
If you haven’t acted to protect and shield your computer from the WannaCrypt ransomware attack, here are four things you should do now:
- Do not click on emails from unknown senders
- Patch or update your operating system
- Look to force this action, if you do not see a prompt
- Back up your data onto a USB or disk
Home users and small businesses should run Windows Update, ensure their antivirus software is up to date and runs a scan, and also consider backing up data.
Microsoft said that the exploit code used by WannaCry is designed to work only against unpatched Windows 7 and Windows Server 2008, or even earlier systems such as Windows XP. A fix for the vulnerability had been posted by Microsoft in March, but many organizations had either failed to update their systems or were using operating systems like Windows XP, which were not patched as Microsoft no longer issues security patches for such old software.
The lightning spread of the WannaCry ransomware attack was felt worldwide over the past three days, according to website ZDNet. Thousands of private and public sector organisations across dozens of countries on Friday faced inoperable computers and forced hospitals in the U.K. to cancel procedures and use only pen and paper.
Businesses around the world had experts working over the weekend to prevent new infections. The virus took control of users’ files and demanded $300 payments via Bitcoin to restore access.