Massive Global Ransomware Attack Underway

HNS hit hard

As many people know there is a wide-spread and serious global PC hacking attack. The BBC and UK papers report numerous hospitals and the NHS in general have been especially hard hit with many thousands of PCs compromised.

The virus is bad, as bad as they get. An infected PC spreads the infection to other PC on a network and all files get corrupted and encrypted. The hacker demands a ransom to un-encrypt files. With out a back-up you out of luck.

What is going on?

A ransomware virus known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected, according to the analysis team at Kaspersky Labs.

Once one computer on a network is affected, the malware infection spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.

What Is Ransomware?

Ransomware is malicious software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the PC being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.

Where Did This Threat Originate?

In this case, Microsoft has been aware of the vulnerability since March 2017, when it published a Security Bulletin covering the potential risk. According to the Spanish newspaper El Mundo, early indicators seem to point to the attack originating in China, but more information is needed.

How Can You Tell If Your PC Is Infected?

The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.

How to Protect Yourself

According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows 10, 8 or 7 and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately.

It is important to note that unsupported versions of Windows, like Vista and XP, did not receive this security update. Those systems should either be isolated or shut down.

Are Macs safe?

This attack is purely targeting an know vulnerability in Microsoft Windows operating systems. Mac computers are not compromised.