21 December 2020
Users under threat from an ongoing global ransomware outbreak that has targeted Windows computers in more than 70 countries can keep their systems safe with security software such as Bitdefender and should make sure to get the latest patches from Microsoft, experts say. The WannaCry ransomware encrypts files in the PCs it infects. Attackers demand a ransom be paid in exchange for decryption.
Users under threat from an ongoing global ransomware outbreak that has targeted Windows computers in more than 70 countries can keep their systems safe with security software such as Bitdefender and should make sure to get the latest patches from Microsoft, experts say. The WannaCry ransomware encrypts files in the PCs it infects. Attackers demand a ransom be paid in exchange for decryption.
"This particular ransomware is correctly identified and blocked by 30% of the AV vendors using current virus definitions,” said Ivanti’s Phil Richards, cited by The Mirror. The expert mentioned Bitdefender as one of the solutions effective against WannaCry.
To stay safe, you should also keep your Windows system updated with the latest security patches from Microsoft via your Windows system’s auto-update feature.
The attacks have caused major disruption to hospitals, telecom companies or gas and utilities plants. Among the organisations that took the worst hits is the National Health Service (NHS) in the UK.
Why is this ransomware attack different
Unlike other ransomware families, the WannaCrytor strain does not spread via infected e-mails or infected links. Instead, it takes advantage of a security hole in most Windows versions to automatically execute itself on the victim PC. According to various reports, this attack avenue has been developed by the National Security Agency (NSA) in the US as a cyber-weapon and it was leaked to the public earlier in April along with other classified data allegedly stolen from the agency.
Analyzing the infection mechanism we can say that WannaCry is one of the biggest threats that both end users and companies have to face recently. Because the list of vulnerable Windows PCs can be found through a simple internet search and the code be executed remotely, no interaction from the user is needed. Once the PC is infected, it acts like a worm, it replicates itself in order to spread to other computers.
Our analysis reveals that the wormable component is based on the EternalBlue exploit that had been leaked out in a data dump allegedly coming from the NSA. This strain of malware is one of the few that combine the aggressive spreading mechanism of a cyber-weapon with the irreversible distructive potential of ransomware. Up until now, more than 120,000 computers worldwide have been infected.
Bitdefender has developed strong anti-ransomware capabilities to help users stay safe from such sophisticated attacks, which have been on the increase in recent years.
Find out if you are vulnerable. The MS17-010 vulnerability affects almost all versions of the Windows operating system, including those who are not actively supported anymore, such as Windows XP, Windows Vista and Windows Server 2003. Because of the extremely high impact, Microsoft has decided to issue patches for ALL operating system, including the unsupported ones. If your operating system does not have the specific hotfix installed, then you are vulnerable and need to update immediately.
What you can do to stay protected?
MEDIA RELATIONS
[email protected]INDUSTRY ANALYST RELATIONS
[email protected]INVESTOR RELATIONS
[email protected]