The WannaCry ransomware burst into the spotlight over the weekend as reports of infections streamed in from around the globe. It was the stuff of a Hollywood techno-thriller, and we watched it unfold in real time. But how did WannaCry come to be? How did it infect so many computers so quickly? And, perhaps most importantly, how will organizations and individuals cope with the fallout?
As the smoke began to clear, outrage around WannaCry shifted from the ransomware itself to the bug that made its spread possible. Many security experts have pointed to the WannaCry attacks as proof that the NSA shouldn’t “hoard” software vulnerabilities. There have also been accusations that Microsoft was complicit and the MS17-010 bug was actually a backdoor it allowed the NSA to utilize — though that has yet to be proven.
Can WannaCry or other Malware / Ransomware infect my computer?
If your computers run Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016 and you’ve installed all the recent updates, (or at least those up to March-2017), you’re protected. If your computers run another version of Windows (Windows XP, Windows 8, Server 2003) you need to download and install Microsoft’s emergency patch immediately.
An update named KB4012598 is available for download from Microsoft.
Note: This update repairs the vulnerability in the above-mentioned versions of Windows. Thus, Ransomware like wannacry won’t affect your computer.
Another step you can take is disabling SMB version 1 on your computer. Here is an easy-to-follow guide that will step you through the process, and you shouldn’t notice any differences after switching it off.
It’s also worth testing your router or firewall to see if port 445 — which is used by SMB — is blocked. You Get Signal offers a free web-based tool. All you have to do to run it is click the number 445 next to SMB in the list of common ports. You should see a red flag icon and “Port 445 is closed.”