Are you affected by COVID-19?
Free consultation on how we can help you to change your services and offerings with online systems! – GET a free consultation

New WannaCry Variants may be Emerging: Know How to Stay Safe Next Time

Last month Avast, one of the largest cyber security firms, had identified over 75,000 cases of ransomware in over 99 countries.

Most of the attacks targeted Russia, Taiwan & Ukraine. However, Chinese universities, U.K. hospitals & global firms like Fedex (FDX) had also been hit.

The ransomware, named as WannaCry, demanded that infected businesses or individuals pay $300 to unlock each machine & the data stored on their devices.

Now although WannaCry ransomware is dead, it seems that new WannaCry variants are emerging, some of which may be trickier as well as more difficult to stop than the original WannaCry.

Here, I have compiled a list of tips on how to stay safe next time and what to do if you fall victim to an attack.

You need to be defensive

In order to stay safe from future attacks, it is very important to be smarter about which mails you are opening, which links you are clicking, as well as which files you are downloading. Phishing attacks have become very common these days & they are easy to fall victim to. However, WannaCry was not your typical phishing attack. WannaCry ransomware manipulated a Windows vulnerability, one that had been already patched by Microsoft earlier this year.

So, are you wondering how did it get through? You might have not realized that those pop-up notifications that software manufacturers send to your computer are not just alerting you to new features; but they are also adding patches to your software that can help you stay away from attacks like WannaCry. In this particular case, the attackers were able to penetrate systems that had not been updated recently.

“The global fallout of this attack could have easily been prevented by deploying the security update once it was made available by Microsoft,” said Liviu Arsene, Senior E-Threat Analyst at Bitdefender. “The lesson to be learned from this experience is to always apply security patches and updates when they become available, not just for operating systems but for applications as well. Of course, a security solution might prevent the payload—in this case, ransomware—from infecting victims. But more advanced and sophisticated threats could potentially leverage the operating system vulnerability to gain persistency and bypass traditional security mechanisms undetected.”

Back that Cache Up

The worst thing about this type of attack is that it gains access to your data. However, smart and responsible people don’t need to worry about this as they have been using DR or disaster recovery software in order to ensure that their valuable data is safe & alive in the cloud. In case you end up getting hit with a ransomware attack, then having access to your data in the cloud means you can just factory-reset your machine, pull in your backed up data, as well as resume work again.

Don’t forget to install & run antivirus software

Running good antivirus software is extremely important. However, antivirus software is not a silver bullet & is not foolproof.

Don’t pay even if you fall victim

Don’t pay even if you fall victim to an attack. Instead, contact the FBI & let them know about it. Even if you don’t have a backup and you need your data desperately, just sit tight & wait. Also, if you have already backed up your data just reset your machine & start from scratch.

Whatever you do, don’t make the mistake of paying the criminals this is because there is no guarantee that the hacker will release your data once you pay them the ransom amount. Paying could also expose you to additional risk as you have shown a willingness to fulfil the hackers’ demands.

“No one is ever encouraged to give in to ransomware demands,” said Arsene. “In fact, if no backups are available from which to restore lost data, companies or individuals should treat the incident as hardware failure and move on. Paying would only fuel cybercriminals with the financial resources to keep developing new threats. And there’s no actual guarantee that you’ll actually receive the decryption key. You are actually dealing with criminals here.”