As computer virus outbreaks go, the WannaCry ransomware attack currently spreading across the globe is one of the largest such attacks in some time. As we detailed thoroughly on Monday, WannaCry is a dangerous trojan virus that infects Windows computers, encrypting nearly all data in the process. In order to decrypt the files and regain access, WannaCry demands that $300 in bitcoins be paid to an anonymous account. After three days, the $300 ransom increases to $600. After seven days without payment, the computer’s contents are deleted.
You can learn everything you need to know about WannaCry in this post. Since the ransomware is still spreading, however, we want to go into a bit more detail about how you can protect yourself.
Who is at risk?
WannaCry ransomware is targeting three versions of Windows in particular:
- Windows 8
- Windows XP
- Windows Server 2003
While things could certainly change, users of other Windows versions should be safe, though now is a great time to open the Windows Update Center and ensure that all of your security updates have been installed.
What should I do if I’m at risk?
Your first line of defense is always common sense. This goes for WannaCry and any other malware floating around out there. If you get an email with an attachment from someone you don’t know, do not download or open that attachment. If you get an attachment from someone you do know but it looks odd or sketchy, don’t download or open it.
Once you’ve reminded yourself how to compute responsibly, it’s time to ensure you’ve downloaded and installed the latest security patches available for Windows 8, Windows XP, or Windows Server 2003. Here are the links you’ll need:
- Windows 8 x86
- Windows 8 x64
- Windows XP SP2 x64
- Windows XP SP3 x86
- Windows XP Embedded SP3 x86
- Windows Server 2003 SP2 x64
- Windows Server 2003 SP2 x86
Microsoft’s related security bulletin is right here, but you probably don’t even need to bother reading it. Just update. Now.
Is there anything else I can do?
Yes. Yes, there is. You can and should download and install a good ransomware blocker. In this day and age, these handy utilities are just as important as standard antivirus software. If you’re looking for good options, check out Avast, Malwarebytes Anti-Ransomware, and Cybereason Ransomfree.
Also of note, the security researcher who accidentally slowed the spread of WannaCry over the weekend says that blocking TCP port 445 can help stop the ransomware. You’ll need to Google port-blocking instructions for your specific router if you don’t already know how.
Warning for Monday: If you turn on a system without the MS17-010 patch and TCP port 445 open, your system can be ransomwared.
— MalwareTech (@MalwareTechBlog) May 15, 2017
What if I’m already infected?
Sadly, your only options are to pay the ransom or to try Bleeping Computer’s guide to removing WannaCry from your system, though we cannot confirm at this time whether or not it works.