A massive computer virus called WannaCry has infected thousands of computers worldwide as of last week. What makes WannaCry distinct is that it does not need to have users click on a link for it to infect your machine. Some security researchers are pointing the source of the virus to the Shadow Broker’s leak of a Windows SMB vulnerability. This vulnerability makes it possible to infect a machine without user interaction.
What does the virus do?
WannaCry is ransomware virus, what that means is that it encrypts all your files rendering them inaccessible unless you pay the ransom demanded by the software.
What is being done to combat the virus?
Windows released an emergency patch to fix this 0-day. 0-days are vulnerabilities in software that are not known, thus giving security researches 0 days to fix the problem. The good news is that Windows even released this patch for unsupported versions of their operating system.
What can you do to protect yourself?
In the case of WannaCry, you need to make sure that you have installed all windows updates available for your computer. Also, if you are a network administrator, you may disable SMB on the network if it is not paramount for your daily operations. Though the virus can be spread without user interaction you should still be very cautious about opening any link or file in an email.
Alternatively, you should back up your computer to a hard drive that isn’t constantly connected to your PC. This will allow you to retrieve information even if you get this virus.
Reminder check the url of links in emails before clicking them:
If you hover your mouse of a link in an email you can check the source of the link. This can help you spot a bad link in an email.
Can you spot which of the below links are good? (note: you want the visible link to match the destination link)