The whole ransomware situation

[GenericPNP]

Almost everyone has heard about this ransomware going around named WannaCry. It's all over Europe and Russia. If i'm in the US could I be affected? I disconnected all networking from my PC and shutdown.

[kelvinhall05]

If you've disconnected all of your networking, how did you write this post?

[AvocadosGuac]

Chances of you getting it are slim.(A home user atleast)

 

Now the IT industry is gonna be BOOMIN on monday..

[themctipers]

don't be in the 'depths of the internet' 

don't pirate stuff for a while if you do (public torrents)

don't install apps

install ublock origin (blocks everything )

 

also it'll affect you.. if you don't follow steps  

[79wjd]

1 minute ago, kelvinhall05 said:

If you've disconnected all of your networking, how did you write this post?

Candygram

 

[GenericPNP]

2 minutes ago, kelvinhall05 said:

If you've disconnected all of your networking, how did you write this post?

Typing this post off of a nearby hotspot on a mac

[GenericPNP]

2 minutes ago, themctipers said:

don't be in the 'depths of the internet' 

don't pirate stuff for a while if you do (public torrents)

don't install apps

install ublock origin (blocks everything )

 

also it'll affect you.. if you don't follow steps  

ublock for chrome?

[themctipers]

1 minute ago, Jaidenortiz7 said:

ublock for chrome?

ublock origin for chrome..

 

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?utm_source=chrome-app-launcher-info-dialog

[GenericPNP]

1 minute ago, themctipers said:

ublock origin for chrome..

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en so this

[themctipers]

3 minutes ago, Jaidenortiz7 said:

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en so this

guess so

[Oshino Shinobu]

WannaCry uses an exploit in Windows that was patched back in March. As long as you've updated you should be safe (provided you're not downloading stuff from unverified sources). A lot of businesses are being hit, partially through targeting (who is more likely to pay out, a big business with important data or the middle aged woman who only uses the PC for Facebook?) and also because they're less likely to have updated the system. It's a much bigger task to update all of the systems on a big business network as downtime is something many businesses cannot afford, so they just leave it until there's a particularly good reason to update. 

 

EDIT: For the most part, WannaCry doesn't seem to be being uploaded or spread manually. Its primary objective is going to be to infect as many PCs as possible and the easiest way to do that is to infect already vulnerable systems. It incorporates a "hunter" module which scans computers on the same network for the exploit that was released as part of the CIA's hacking tools leak. If your system is updated, it shouldn't move to your system. The big issue really is that if one infected computer connects a network, any other computer vulnerable to the exploit will be infected, then if that connects to a different network, the same happens again. It's probably why so many businesses are getting hit with it, as business networks are the ones most likely to see devices come and go, at least compared to a home network, where it's typically just the same devices all the time. There's also a chance it's infecting PCs but not activating unless it finds data that is deemed valuable. No sense in locking down someone's computer when they don't have anything important, while that same PC could be used to spread WannaCry to other systems with more sensitive data.

 

I'd imagine a primary target will be servers and data centres with important information, such as the NHS's systems. I do hope any organisation with such important information has a backup of all of that data not connected to the network though. It could be devastating for smaller businesses, as backups and data redundancy is often overlooked as it can be pretty expensive. This also acts as a pretty good example for why RAID is not an alternative to a backup.