What is WannaCry? How can we prevent it?

May 24, 2017

The WannaCry Program

Wanna Decryptor, which is also known as WannaCry is a ransomware program, was designed to encrypt all the data on a computer. When it has finished, the user is left with instructions on how to remove the encryption, and the Wanna Decryptor program. The reason it is classed as ransomware, is because the user is forced to pay a ransom to get their data back.

In this particular program, the user is told that their files have been encrypted, and the only way to remove the encryption is to pay in a few days, or lose their data entirely. The payment is demanded in Bitcoins, which is an anonymous currency not linked to any debit or credit card. The instructions provide a Bitcoin address to send payment. In addition to the encryption, the program uses an exploit in Windows to spread to other systems on the network.

The biggest attack in the UK was unfortunately on the NHS, machines across 47 trusts were affected. This lead to patients being turned away from A&E, operations being cancelled, and ultimately leaving patients without the proper care they need.

This leads us to the question, how can it be prevented?

  • Patch Management – Keeping up to date with the most recent updates ensures that it prevents it from spreading to other systems on the network
  • Backup – Making sure to keep regular backups of your data could guarantee, that your most valuable information can be recovered easily
  • Awareness – Inform your employees about the dangers of not just ransomware, but other attacks like phishing, malware and viruses

These are all great preventative steps, but no-one can be 100% protected against these threats.

However, Application Control from EgoSecure may be the answer.

Imagine your desktop or server is like a nightclub, and what do nightclubs usually have on the door? A bouncer. For the purpose of this, the bouncer in this is Application Control, which gives you the ability to ‘Whitelist’ approved applications, only those applications which are on ‘the list’ are permitted to run. This ensures that ransomware like WannaCry, wouldn’t be able to start, which as a result all your critical data is kept safe. Application Control is not just to protect against ransomware, but it can be used to stop known, and also unknown viruses and trojans.

For more information about Application Control or EgoSecure, call our sales team on 01491 821640, or email us at sales@nas.uk.com.