Brief Introduction for WannaCry Ransomware
The WannaCry or Wanna Decryptor Ransomware begins on Friday and has attacked thousands and hundreds of computers covered more than 150 countries all over the world. It spreads rapidly and can attack 4000 times per hour at night, according to some testing tools. The work theory of WannaCry Ransomware is to generate an encrypted file based on your source file, and then delete the source file. It is said that WannaCry attacks only personal files like documents and photos; folders in the root of C drive like Windows and Programs files will not be encrypted. obviously, the personal files you stored with those folders on C drive will survived as well. In a nutshell, Ransomware is a kind of cyber attack that involves hackers taking control of a computer or mobile device and demanding payment.
You’ll get a window pop-up says “Ooops, your files have been encrypted”, which also saying you can get them decrypted only if you pay Bitcoin. At the left side of that window, you’ll see a countdown clock. It is there to remind you if you do not pay Bitcoin or the same value in three days, the price will go higher. Besides, if you do nothing in seven days, the encrypted files will be deleted permanently. To learn more specific information on WannaCry Cyberattack, see what is WannaCry or Wanna Decrytor ransomware?
Tips: Bitcoin is a kind of network virtual currency which has no issuer, so its source location cannot be traced. Bitcoin is fairly expensive and currently, 1 Bitcoin is equal to some 1.3 thousand dollars. It can be exchanged with currency of many countries and lack of supervision, which makes it popular among illegal network hackers.
Why WannaCry Ransomware Spread So Fast?
WannaCry or Wanna Decryptor spreads with the help of NSA cyber weapon, Eternal Blue, which was hacked from NSA, so that it can attack computers remotely. The ransomware takes advantage of the loophole in Windows XP and Windows 7 to access files. The 445 port, as file share port, is enabled in most cases. Therefore, organizations that share file frequently in the same network (LAN) like universities, hospitals, banks, etc. and enterprises and companies that have less network safety awareness will become heavy victim area. Mac OS, Linux and the latest Windows 10 have less possibility to get attached by now.
At beginning, the WannaCry can be stopped by registering a particular domain name, which was discovered by a 22-year old user. However, this virus upgrades and become stronger right after the second day finding the solution, KillSwitch. This time, the WannaCry 2.0 deletes the KillSwitch option. The corresponding measurement is developing by experts all around the world.
Protect Yourself from Ransomware
With the dramatic attack from WannaCry, it is urgent to do something to protect your files. For user who has been attacked by the virus, there are several ways to remedy.
1. Purchase Bitcoin and pay for the decryption. Nevertheless, this is risky because the hacker may not decrypt files after payment. So, it is not a smart choice.
2. Remove the virus and perform data recovery via professional tools. Then, backup the encrypted files to locations far away from network and computer. When the solution has been figured out, you can do the decryption.
3. Format hard drive thoroughly and reinstall the system. The data will lose at the same time.
For user who has not been attached by WannaCry Ransomware, especially for companies and organizations, you can do following preparations to protect against encrypting ransomware. Likewise, these victim users might as well to do the same preparations after things go well.
Close or disable the 445 port (for temporary).
Install the latest patch released by Microsoft, and that would be MS17-010.
Install anti-virus tools.
Upgrade system to the latest version, Windows 10. Or, move to Mac OS X.
Back everything up.
Free Ransomware Protection Software – AOMEI Backupper
AOMEI Backupper Free is reliable and all-around backup software that designed especially for WannaCry Ransomware. With the help of this malwarebytes ransomware protection, you can protect files from deletion by backing them up in advance. Even if the encrypted files are deleted by hacker, you can still get them back by restoring. AOMEI Backupper Free also provides easy-to-follow restore wizards. The Create Bootable Media function will help you even if the system cannot boot any more.
You may wonder how to protect yourself from ransomware using this software. Actually, it depends on your situation.
1. If you have not been attacked by WannaCry, you can protect files from ransomware by System Backup, File Backup, Disk Backup, or Partition Backup feature in AOMEI Backupper. System and all important files will be protected solidly. To start the backup, just click on “I want to backup data”.
First, download and install this free backup software. Disconnect the network would be good. Connect the external hard drive or removable USB stick to your computer.
Second, go Backup > Disk Backup to backup everything on your hard drive. Follow the wizard to select source hard drive and the destination path.
Third, you can set schedule backup with Schedule. Password protection for the backup image is in Backup Options.
Fourth, click on Start Backup. For the first time, it will create a full backup. You can disconnect the storage device to your PC.
2. If you have been attacked by WannaCry, You can create an image for your system, disk, or partition using System Backup, Disk Backup, or Partition Backup feature before removing the virus. This avoids data loss caused by inappropriate operations or virus variants. Steps are similar to above operation.
Tips: If the computer has been attacked, to create a backup without virus running, it is suggested to create a bootable device in advance, boot your computer from the device and run off-line backup. For more information with screenshots, please see backup hard drive without booting Windows.
There may be many solutions that provided by IT experts to protect from WannaCry Ransomware virus. But backup everything ought to be the best and easiest way for most users. Meanwhile, restoring system and files from backup images is quite simple. Surely, some details in daily life can also help prevent ransomware and malware. For example, do not open insecure websites and do not click unknown links in emails or texts. AOMEI Backupper can also protect you from other kinds of ransomware or malware by regular backing files and system up. All in all, it is important to develop a good habit of backup.