What's happening with ransomware hacks? What is WannaCry
Cybercriminals are using something called "ransomware" to hold data hostage on Windows-based computers by encrypting files, making them unusable and demanding a ransom payment before potentially restoring access. Users are then locked out of their computers and are unable to access or use their files. The latest ransomware sweeping the global internet is called ‘WannaCry’ (also known as ‘WannaCrypt’ or ‘Wcry’).
This kind of criminal activity has occurred before, picking up in popularity in 2016, but this ransomware attack appears to be the most widespread to date — spreading to more than 100 countries including New Zealand.
How would I know it's happening to me? Has it happened to me? What does it look like?
These cybercriminals have designed their ransomware software to change your desktop background. They present their message, ransom demands and instructions on how to comply. This desktop image is unmistakable and unavoidable, and the background will change almost immediately after infection – WannaCry’s is shown below. Once this occurs, your data has been encrypted. In layman’s terms, it’s been rendered useless.
How do I avoid this happening to me or my workplace?
First thing to do is to make sure you've activated automatic updates for your computer's operating system and all applications. If you’re not sure how to do this, Google ‘System Update Windows #’ (8, 8.1, 10, XP, etc.)
Next, make certain that you have a leading antivirus software package installed on your computer. This software are designed to locate, target and remove viruses and other harmful programmes on your computer, as well as regularly search your computer while you work for any suspicious-looking bugs or files you might not have even noticed. If you don't have an antivirus software you can buy them here.
Be very careful when opening email or file attachments or clicking on links that are unknown to you, or using public wireless networks if your systems have not been updated and antivirus software has not been installed.
Our advice: if an email is from an unknown sender or looks suspicious, don’t open it!
What else can I do to protect myself and my files?
It's always a good idea to have important data backed up onto an external device or in the cloud. If using an external hard drive, it is advisable to unplug it from your computer when not in use so that the files on it won't be adversely affected if your computer is ever infected. Cloud storage is available through several third parties, including Google, Apple, Microsoft and Box.
If a computer on your network (such as someone’s computer in the office you work in or a family member’s laptop connected to the wifi modem you also use) is infected, disconnect your PC, laptop, wireless network or server to prevent the malware from spreading to your device.
If I'm affected and do not have my data backed up in the cloud or on an external hard drive, what can I do?
Industry experts do not recommend you pay the ransom because there's no guarantee your data will be available to you after payment is made. Essentially, you pay at your own risk. Additionally, it is believed that people who do make payments could be targeted in the future for additional ransom attacks.
If you have been affected and you need your computer reimaged to get rid of malware, pop into your local PB Tech service center.
If I'm affected and do have my data backed up, what can I do?
If you have your files backed up, it is possible to rebuild your computer using those saved files. If you're familiar with the process, you can do it yourself. However, remember that your computer can infect other computers on your network so take the appropriate precautions.