WannaCry Ransomware Infects Thousands of Companies

This week a massive ransomware attack infected over 300,000 machines worldwide called WannaCry. Ransomware is a type of malware that will encrypt all of the files on an infected machine. It will then demand payment to decrypt the files. Your computer is essentially held hostage until you pay up.

The effectiveness of this particular attack was increased due to the lack of updates installed on machines. Fully updated Windows 10 machines were not vulnerable to this attack. Machines still running Windows XP and Windows Vista, which no longer receive updates from Microsoft, were particularly at risk. It was such a massive breach that Microsoft did indeed release a patch to fix those older operating systems. This is something that is extremely rare for Microsoft to do. Although the patch has been released, it is still necessary for those running older operating systems to update their machines. Installing this patch can help stop the spread of this particular virus, but will continue to leave you unprotected if you do not update to a Windows version that IS being regularly updated.

One interesting aspect of this virus was that there was a built-in kill switch. Meaning that the ransomware would check to see if a particular domain was registered, and if it wasn’t it would continue. While inspecting the code for the malware, this was found and someone registered the domain which stopped the widespread outbreak for a time. New strains were later discovered that removed the kill switch. What this outbreak does indicate though, is how important it is to stay up to date with your applications and operating systems. Manufacturers release security patches for a reason. They find vulnerabilities that can be exploited, and they fix them. Leaving your phone or your computer out of date, thinking that updates might ruin what you have going on, leaves you open to these types of attacks in the future.