How to protect your Windows from ‘WannaCry’ ransomware attack

A new ransomware attack is currently hitting computers in more than 100 countries around the world and the vast majority of Windows users should be protected. Microsoft have said that those customers who have Windows Updates enabled and are running free software should be protected.

wannacry windows save

So, that’s a good news for Windows users who have their updates enabled. Also should have an Anti Virus protection. Attacks of this virus is dangerous, especially when large organizations such as the British National Health Service (NHS) and one of Spain’s largest telecoms providers are among the victims. Now first we need to know what is ‘WannaCry’ ransomware virus.

What is WannaCry ?

WannaCry ransomware is a virus that infects the computers especially it is target Microsoft Windows OS and this virus access the content of your PC. It encrypts files, claiming only to let you back in upon receipt of the ransom. To get your content back you need to pay a hefty money for it the price right now is $300 in Bitcoin.

It seems to be a both a standard phishing/ransomware attack but it’s also spreading like a worm once it gets into a target network.

How Big is this attack?

According to European authorities, as many as 10,000 organizations and more than 200,000 individuals were affected in more than 100 countries. It is one of the largest ever cyber attacks in the world. Many government organizations have also face this attack.

Which platform does it effect ?

So far it has only affected Windows systems, where the most well-known target is done to user’s using Windows XP. As the current versions of Windows were quickly recovered.

How does this virus attacks your computer ?

This tool is to be believed to be the EternalBlue program developed first by American security services and subsquently leaked. This virus attacks your PC when you click on some suspected link or may open any file from an unknown email message which includes a file. There may be plenty other ways this virus can attack your PC.

So, don’t click on any suspected links or don’t download any unknown files as well as don’t open any unknown mails.

What exactly does WannaCry do?

RansomWare like WannaCry works by encrypting most or even all of the files on a user’s computer. Then, the it demands that a ransom to be paid in order to have the files decrypted. If the user doesn’t pay the ransom within three days, the amount doubles to $600. After seven days if user don’t pay, then WannaCry will delete all of the encrypted files and all data will be lost.

Per Symantec, here is a full list of the filetypes that are targeted and encrypted by WannaCry:

  • .123
  • .3dm
  • .3ds
  • .3g2
  • .3gp
  • .602
  • .7z
  • .ARC
  • .PAQ
  • .accdb
  • .aes
  • .ai
  • .asc
  • .asf
  • .asm
  • .asp
  • .avi
  • .backup
  • .bak
  • .bat
  • .bmp
  • .brd
  • .bz2
  • .cgm
  • .class
  • .cmd
  • .cpp
  • .crt
  • .cs
  • .csr
  • .csv
  • .db
  • .dbf
  • .dch
  • .der
  • .dif
  • .dip
  • .djvu
  • .doc
  • .docb
  • .docm
  • .docx
  • .dot
  • .dotm
  • .dotx
  • .dwg
  • .edb
  • .eml
  • .fla
  • .flv
  • .frm
  • .gif
  • .gpg
  • .gz
  • .hwp
  • .ibd
  • .iso
  • .jar
  • .java
  • .jpeg
  • .jpg
  • .js
  • .jsp
  • .key
  • .lay
  • .lay6
  • .ldf
  • .m3u
  • .m4u
  • .max
  • .mdb
  • .mdf
  • .mid
  • .mkv
  • .mml
  • .mov
  • .mp3
  • .mp4
  • .mpeg
  • .mpg
  • .msg
  • .myd
  • .myi
  • .nef
  • .odb
  • .odg
  • .odp
  • .ods
  • .odt
  • .onetoc2
  • .ost
  • .otg
  • .otp
  • .ots
  • .ott
  • .p12
  • .pas
  • .pdf
  • .pem
  • .pfx
  • .php
  • .pl
  • .png
  • .pot
  • .potm
  • .potx
  • .ppam
  • .pps
  • .ppsm
  • .ppsx
  • .ppt
  • .pptm
  • .pptx
  • .ps1
  • .psd
  • .pst
  • .rar
  • .raw
  • .rb
  • .rtf
  • .sch
  • .sh
  • .sldm
  • .sldx
  • .slk
  • .sln
  • .snt
  • .sql
  • .sqlite3
  • .sqlitedb
  • .stc
  • .std
  • .sti
  • .stw
  • .suo
  • .svg
  • .swf
  • .sxc
  • .sxd
  • .sxi
  • .sxm
  • .sxw
  • .tar
  • .tbk
  • .tgz
  • .tif
  • .tiff
  • .txt
  • .uop
  • .uot
  • .vb
  • .vbs
  • .vcd
  • .vdi
  • .vmdk
  • .vmx
  • .vob
  • .vsd
  • .vsdx
  • .wav
  • .wb2
  • .wk1
  • .wks
  • .wma
  • .wmv
  • .xlc
  • .xlm
  • .xls
  • .xlsb
  • .xlsm
  • .xlsx
  • .xlt
  • .xltm
  • .xltx
  • .xlw
  • .zip

As you can see, the ransomware covers nearly any important file type a user might have on his or her computer. It also installs a text file on the user’s desktop with the following ransom note:

How can I protect myself from WannaCry?

Regardless of which operating system you run, you should install all available security updates immediately. Specifically, Windows users with machines that run Windows XP, Windows 8, or Windows Server 2003 should immediately install the security updates released on Friday by Microsoft. You can go to below given link to download latest updates.

Customer Guidance for WannaCrypt attacks

What can I do if my computer is infected with WannaCry?

Now that would be a big problem if you get infected as till now there is no confirmation of WannaCry fix available at this time. As many cybersecurity experts are working hard to resolve this problem. But yes don’t pay the ransom. Bleeping Computer has a WannaCry decryption guide on its site, but we cannot confirm whether or not it’s effective.




Leave a Reply