Ransomware WannaCry makes 75000 wanna cry globally in 24 hours

Yesterday May 12th saw 99 countries globally particularly european countries and russia attacked by the ransomware Wannacry also known as WanaCrypt0r 2.0. The British NHS has had to close wards and turn patients away due to their systems being infected. Also companies like Nissan and spanish telecoms company Telefonica were some of those infected. Wannacry is believed to use the the leaked NSA cyber-weapon EternalBlue exploit to attack computers running Microsoft Windows operating systems. So far there are no reports of any Irish organisations infected. We will update this blog as we learn more.

Luckily for us a 22 year old british researcher going by the name malwaretech appears to have slowed down or stopped the progression of the spread of the malware. By registering a domain name used in the attack for the purposes of tracking it, he inadvertantly put a halt to the spread becoming an instant hero.

What is Ransomware

Westbourne recently published a blog detailing the facts about Ransomware. Wannacry Ransomware spreads itself by a worm across networks using an exploitation of a SMB vulnerability. Microsoft released a patch for this critical vulnerability on March 14, 2017 but until today there was no patch available for legacy machines such as Windows XP. Microsoft has released a patch for those machines this morning even though it no longer supports them.
Wannacry encrypts the machine it has infected and then demands a ransom to decrypt the files it’s holding hostage. So far the demands have been for $300 in bitcoin but threathen to increase in time.

How to protect yourself

Update your windows Operating System and make sure patch MS17-010 is applied
Make sure there is a backup of all your important data.
Contact Westbourne immediately if you are concerned about infection. 021 4314310 or email us at support@westbourneit.com

Files Affected

.doc, .docx, .xls, .xlsx, .ppt, .pptx, .pst, .ost, .msg, .eml, .vsd, .vsdx, .txt, .csv, .rtf, .123, .wks, .wk1, .pdf, .dwg, .onetoc2, .snt, .jpeg, .jpg, .docb, .docm, .dot, .dotm, .dotx, .xlsm, .xlsb, .xlw, .xlt, .xlm, .xlc, .xltx, .xltm, .pptm, .pot, .pps, .ppsm, .ppsx, .ppam, .potx, .potm, .edb, .hwp, .602, .sxi, .sti, .sldx, .sldm, .sldm, .vdi, .vmdk, .vmx, .gpg, .aes, .ARC, .PAQ, .bz2, .tbk, .bak, .tar, .tgz, .gz, .7z, .rar, .zip, .backup, .iso, .vcd, .bmp, .png, .gif, .raw, .cgm, .tif, .tiff, .nef, .psd, .ai, .svg, .djvu, .m4u, .m3u, .mid, .wma, .flv, .3g2, .mkv, .3gp, .mp4, .mov, .avi, .asf, .mpeg, .vob, .mpg, .wmv, .fla, .swf, .wav, .mp3, .sh, .class, .jar, .java, .rb, .asp, .php, .jsp, .brd, .sch, .dch, .dip, .pl, .vb, .vbs, .ps1, .bat, .cmd, .js, .asm, .h, .pas, .cpp, .c, .cs, .suo, .sln, .ldf, .mdf, .ibd, .myi, .myd, .frm, .odb, .dbf, .db, .mdb, .accdb, .sql, .sqlitedb, .sqlite3, .asc, .lay6, .lay, .mml, .sxm, .otg, .odg, .uop, .std, .sxd, .otp, .odp, .wb2, .slk, .dif, .stc, .sxc, .ots, .ods, .3dm, .max, .3ds, .uot, .stw, .sxw, .ott, .odt, .pem, .p12, .csr, .crt, .key, .pfx, .der