As you may or may not have heard, yesterday marked one of the largest Ransomware attacks in history. Known as “WannaCry”, the program compromised over 230,000 Windows devices and, although a “kill switch” was found within its code and was activated, it may still be a threat to computers which have not installed a crucial update that was released by Microsoft last month.
For those that are unfamiliar with how ransomware works, it will essentially lock down a computer and/or encrypt all of their user data until a fee has been paid. This is usually in the form of some sort of untraceable transaction, such as the use of a MoneyPak or Bitcoin. And while it can be very disruptive to an end user, the consequences this has from attacks on large companies and hospitals can be devastating, as has been seen by this massive attack. My company, which deals with computer repairs, found it necessary to temporarily suspend work on Windows computers until a solution was found.
What I find a bit inexcusable is the fact that it could have been completely avoided. This attack took advantage of a security vulnerability in Windows known as “EternalBlue”, a back door tool used by the NSA. And yes, it could largely be the NSA’s fault for placing such a massive back door into Windows devices. And it’s one of the many reasons they should NEVER get involved when it comes down to cyber security. But more importantly, it proves why Windows updates are critical, and not just that nuisance that pops up whenever you’re in the middle of something important. Had these hundreds of thousands of computers had one simple update installed, they would not have fallen victim to this attack.
So, my advice to anyone reading this on a Windows computer right now would be to check and make sure your computers are up-to-date. Specifically, make sure that you at least have update KB4012598 (MS17-010) installed. This patch has even been ported all the way back to Windows XP despite the fact that it’s no longer supported. I wish everyone the best of luck with this issue.
KB4012598 Update Link:
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598