One of the most talked about and disruptive malware attacks have been witnessed recently on a global scale in the form of a “Ransomware” attack.
Now, what is a “Ransomware”?
A “Ransomware” is a malicious piece of software that attacks computers but locking functionality and asking for a payment in order to unlock usage.
This type of attack is very disruptive in nature and causes a lot of damage on machines which have been infected, causing widespread data destruction, locking of files, data theft and stalling of operations made through these computers. The current global attack was done by a ransomware known as “WannaCrypt” which scans the internet for vulnerable computers which it can attack and proceeds once a target is acquired. The “WannaCrypt” malicious ware uses a vulnerability found in Microsoft’s Windows OS known as EternalBlue which exploits a vulnerability in the SMBv1 (Server Message Block) protocol used for file/printer sharing in the Application Layer.
Microsoft has released a fix for this vulnerability last month which resolves the issue and stops unauthorised deployment of code and other malicious attack over this protocol. However, for users who have manually disabled updates or organizations that did not roll out the update for it’s Windows OS computers were left unprotected from this ransomware attack.
The solution is simple – Update your Windows OS to the latest patch/update and the EternalBlue vulnerability will not affect you in any way. Stay safe and use licensed Windows products on all computers and have automatic updates turned on to stay protected as there are entire teams that have solutions ready to protect you from vulnerabilities. As an added safety for detection of malicious ransomware software and prevention of infection in your PC, you are advised to install a good anti-virus software.