Last Friday’s outbreak of the WannaCry ransomware infected hundreds of thousands of computers worldwide, including thousands at U.K. hospitals. The malware spread through phishing attacks, malicious emails and infected attachments, encrypting every file it can on a computer and then posting a landing page demanding a $300 ransom payment in Bitcoin in order for the files to be unlocked.
Authorities fear that new variations on the malware may begin spreading this week as more threat actors get their hands on the code and create new versions that behave differently but with the same effect.
The attacks exploit vulnerabilities in old Windows operating systems. If you are running Windows 10, your computer won’t be affected.
According to ZDNet, Microsoft Corp. (NASDAQ: MSFT) issued a security patch in March that resolved the problem for machines running Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2 and Windows Server 2016. ZDNet has instructions on where to go to download these patches. If you haven’t already done so, get the appropriate patch installed immediately.
Microsoft also issued a security patch for older Windows operating systems that are no longer supported: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86 and Windows 8 x64 directly from Microsoft. Instructions on how to install this patch are also available at ZDNet.
The source of the malware is a somewhat contentious issue. Over the weekend, Microsoft President and Chief Legal Officer Brad Smith wrote on the company’s blog:
The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year. … [T]his attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.
The people behind the WannaCry attacks are believed to have received about $43,000 so far, but there is less certainty about the return of the encrypted data. If past ransomware attacks are any guide, chances are pretty high that the data is gone forever.