WannaCry Ransomware: What You Need to KnowIf you've been wondering what WannaCry is and if you're at risk, here's the lowdown.

ByChloe Albanesius

This story originally appeared onPCMag

via PC Mag

Hundreds of thousands of PCs wereattacked by ransomwareknown as WannaCry on Friday, throwing government agencies and private businesses around the globe into disarray. If you've been wondering what actually happened, here's the lowdown.

What is WannaCry?

WannaCry is the name of a serious strain of ransomware that hit Windows PCs worldwide, starting on Friday. Those who were infected found their computers locked, with hackers demanding a $300 ransom to unlock the device and its files.

How were people infected?

Like many malware infections, it appears that human error is to blame. According toThe Financial Times,有人在Europe downloaded a compressed zip file that was attached to an email, releasing WannaCry on to that person's PC. Many others did the same, and when all was said and done, at least 300,000 devices were affected globally.

That sucks, but it's their problem, right?

Not exactly. Among the affected PCs were those used by the U.K.'s National Health System (NHS). With computers locked, staff were unable to access patient records and other basic services. Appointments and surgeries were cancelled and medical facilities were shut down as NHS tried to stop the spread of WannaCry. Also affected:Germany's rail system,Renault and Nissan factories,FedEx,Spanish telecom Telefonicaand evenRussia's central bank.

During a Monday press briefing, Homeland Security Advisor Tom Bossert said WannaCry had not hit any U.S. government systems.

Is my PC at risk?

If you're runningWindows 10you're safe, as WannaCry does not target Microsoft's newest OS.

If you're running other, supported versions of Windows (Vista, Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016), a patch that Microsoft released in March addressed the vulnerability that WannaCry targets. So hopefully you or your office's IT department installed that update.

There are some people, however, who are still running aging versions of Windows; 7 percent still run Windows XP despite the fact thatRedmond no longer issuessecurity updates for it. So Microsoft took the unusual step ofreleasing a WannaCry patchfor old versions of Windows it no longer supports, including Windows XP, Windows 8 and Windows Server 2003.

不管你用的是什么版本的Windows, make sure you're up to date with your security patches.

Ransomware isn't new. Why is this such a big deal?

WannaCry uses an exploit known as EternalBlue developed by the U.S. National Security Agency (NSA), which used it to go after targets of its own. Unfortunately, EternalBlue and other NSA hacking tools wereleaked online last yearby a group known as the Shadow Brokers, putting these powerful tools in the hands of anyone able to use them.

Is this still an issue?

Quite by accident, a U.K. researcher known as MalwareTechmanaged to hobble the spread of WannaCryover the weekend. He acquired a sample of the malware on Friday and ran it a virtual environment. He noticed it pinged an unregistered domain, so he registered it himself, as he often does in these types of situations. Lucky for him (and countless victims), WannaCry only locked PCs if it couldn't connect to the domain in question. Before MalwareTech registered the domain, it didn't exist, so WannaCry couldn't connect and systems were ransomed. With the domain set up, WannaCry connected and essentially died, protecting PCs.

Great, so we're done here?

Not so fast. Reports of new WannaCry variantsare emerging, so stay alert and watch where you click.

What if my PC was ransomed?

While it appears that many people havepaid the ransomdemanded by the hackers, security experts warn against handing over your cash.

"As of this writing, the 3 bitcoin accounts associated with the WannaCry ransomware have accumulated more than $33,000between them. Despite that, not a single case has been reported of anyone receiving their files back," Check Point warned in a Sundayblog post. "WannaCry doesn't seem to have a way of associating a payment to the person making it."

Bossert echoed that today, saying that approximately $70,000 had been paid out since Friday, but there's no evidence of data recovery.

If you've been hit, your best bet is to restore from backup. Reputable security firms also have ransomware decryption tools. You can also use a tool like theFixMeStick-- just insert the device, boot to its Linux-based environment and let it take care of the problem. It won't restore files, but it will (hopefully) clean out the malware. When your PC is back up and running, make sure you have arobust antivirus programand thebest ransomware protection.

For more, seeHow to Protect and Recover Your Business from Ransomware.

How can we stop this from happening again?

Pay attention to emails with attachments or links. Even if the message appears to be from someone you know, double-check the email address and be on the lookout for any odd wording or attachments you weren't expecting from that person. When in doubt, message the person separately to ask if they did indeed send you an email that requires you to download an attachment.

More broadly, meanwhile, Microsoft took the NSA to task for "stockpiling" these vulnerabilities.

"This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world," Microsoft's president and chief legal officer, Brad Smith, wrote in ablog postthat likened the leaks to the U.S. military "having some of its Tomahawk missiles stolen."

Chloe Albanesius

Executive Editor, PCMag

Editor's Pick

Related Topics

Business News

Watch: London Airport Parking Garage Erupts in Flames Leaving Thousands of Passengers Stranded, Delayed

London Luton Airport resumed flight activity late Wednesday following the incident.

Business News

This Restaurant Will Charge You a Hefty $50 Fee If You Have One Too Many Mimosas

Kitchen Story in Oakland, California isn't playing around when it comes to bottomless brunch.

Marketing

This Powerful Marketing Strategy Will Help You Outshine Your Competitors and Make Your Brand More Memorable

Direct mail is stealing the show in the crowded marketing landscape. Here's why.

Business News

Meta Is Paying the Celebrity Faces Behind Its AI Chatbots as Much as $5 Million for 6 Hours of Work, Report Says

One unnamed top creator was paid $5 million for six hours of work, according to The Information.

Business Ideas

This Retiree's Yummy Hobby Is Now a Remote Side Hustle That Makes $250 an Hour: 'I Attached My Bank Account And the Money Just Flowed Automatically'

Since 1972, in his downtime, Bill Reichman has been dedicated to one delicious diversion. When the pandemic hit, he turned his passion into a lucrative side hustle. Here's how he did it.