The latest news in technology are about WannaCry, a new virus that has reportedly infected at least 75.000 computers. On the surface, the virus doesn’t look too dissimilar from other virus of the ransomware type, which typically encrypt the content of a hard drive and ask for a ransom to unlock the affected data. However, WannaCry is different in that the exploit it leverages, known as EternalBlue, was originally developed by NSA as a means to wiretap Windows computers. The exploit has been leaked by a group of hackers that goes by the name of Shadow Brokers, a reference to a character in the video game Mass Effect 2, and has subsequently been patched last March, so that computers running the latest updates should not incur in any issue.
There are good news, however: the virus used an unregistered website domain as a kill switch to get activated. A young British researcher noticed this and promptly registered it, leading to a sudden decrease of the rate of infections.
What can you do to avoid getting infected?
The first thing you need to do, if you haven’t already, is installing Windows Update 4013389. You can learn more on how to apply this update on this page. As a side note, these kinds of vulnerabilities are the reasons why I suggest not to turn off Windows updates.
Additional steps you can take
If you’re really concerned about the vulnerability WannaCry even after you’ve installed the hot fix described above, there is another thing you can do: disabling SMB v1.
To do this, go to Control Panel and select Turn Windows Features on or off. In the list you’re presented, scroll down until you see the option labeled SMB1.0/CIFS File Sharing Support and uncheck the corresponding box, then hit apply.
Backups are important! Make sure you have a strong backup policy in place so that you’re never caught off guard. There are numerous options out there, ranging from Windows’ built-in backup tool File History, to the free Cobian Backup, to more sophisticated commercial software. An external hard drive isn’t that expensive and is a great way to backup your data easily and conveniently.
The second advice I have for you is simple: always be skeptical of email attachments. According to news pieces about the WannaCry attack (and many others, for that matter) the way Shadow Brokers were able to spread their virus so quickly is by social engineering, i.e. convincing you to run a program that hides as an innocuous file. Make sure the attachment is what it claims to be before opening it and scan it using your antivirus software.