HOW TO SAVE YOURSELF FROM WANNACRY
WCry, WannaCry, Wannacrypt is a ransomware. Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it.
It was spreading like an epidemic in the last few days until a 22 year old security researcher who lives with his parents and works in “MalwareTech”, stopped this just by simply registering a domain. He found out that this ransomware was pinging to an unregistered domain, so he went on and bought which resulted on stopping it from spreading.
But some has found a different version of this ransomware which doesn’t have this unregistered domain code. So, hold on to your secure stands, the war is not over.
Point to be noted, some researchers have found some codes in WannaCry which matches the fingerprints already tied to Lazarus Groups to the highly destructive hack that caused hard drives in South Korea to self-destruct in 2013, wiped almost a terabyte’s worth of data from Sony Pictures in 2014, and siphoned almost 1 billion USD from Bangladesh Central Bank last year by compromising the SWIFT network used to transfer funds.
I’ve thought about it and found out these are the steps you should follow to be safe from this Ransomware.
Always have a nightly offsite backup. (Because you know, prevention is better than cure.)
Update your Windows always. (Microsoft patched Windows every month and in many serious occasions. Regarding this ransomware microsoft even patched Windows 8, 7 na XP which is super rare.)
Don’t visit any suspicious site. Use well contained VMs when it’s absolutely necessary to visit those “suspicious sites”.
Use well reputed cloud services for backup of “very very important data”. It just cost 99.99$ for 1TB/yr space in Google drive. Link: https://www.google.com/drive/pricing/.
Make yourself a pfsense router and thoroughly manage your network activity. Setup custom Firewall rules, manage your data traffic. If you want you can even setup a secured VPN service for tunneling all your data. This is ensure security but will increase latency a lot.
Enable UAC settings in Windows, at least you’ll know when someone is in your computer.
Encrypt your data with a TPM (Trusted Platform Module) chip if your motherboard/laptop supports that.
I know these are very expensive choices and I don’t think any of you will follow this. God forbids, if any of you are attacked with any ransomware or lose data due to hard drive failure you’ll know the necessary of a backup and why people pay this much for a backup.