On May 12, 2017 the United Kingdom’s National Health System (NHS) was hit with a malware attack of epic proportions. Wired.com reported last week that leading IT support experts are calling this a glimpse of a “cyber-apocalypse.” As NHS systems went into meltdown over several continents and countries, the ransomware looked to be targeting any hospital or clinic it could attach to on the web. In a statement, NHS Digital confirmed several NHS organizations had been under a ransomware attack believed to be a variant of Wanna Decryptor.
What Is Wanna Decryptor?
Wanna Decryptor is an encrypting ransomware that basically changes a computer’s wallpaper with messages to the victimized network. Wanna Decryptor creates encrypted copies of specific file types then deletes the originals, leaving the victim with the encrypted copies, which can’t be accessed without a decryption key. Wanna Decryptor then asks the victim to download a decryptor from Dropbox. The instructions for the decryptor include a demand for money in bitcoin. If the victim refuses to pay for the key to access the copied file types, Wanna Decryptor increases the ransom amount. The malware will threaten to “kill” the victim’s data by a preset time if the ransom is not paid. As the threat level increases, the need to retrieve the information is given a sense of urgency. You must pay or you WILL lose.
Why Health Care?
No one can dispute there is a sense of urgency involved in most health care appointments. Imagine going to your physician, and they cannot access even your basic records or much-needed lab results. Sky.com interviewed doctors in clinics and hospitals in the United Kingdom. These staff members told Sky.com that all computers were shut off, canceling appointments and surgeries, and that lab tests and other much-needed diagnostics were being run to lab and pathology by hand. These processes have placed many lives at risk. Those distributing Wanna Decryptor may be hoping this sense of concern will have the NHS paying to access needed records.
Will It Affect the United States?
On Monday, May 15, the concern for Wanna Decryptor was the rebooting of literally millions of computer systems during the beginning of the business week. While one strain of Wanna Decryptor was stopped cold by a savvy IT tech, who created an email to trap it, other strains have already infected global businesses including Fed-Ex. While the extent of the ransomware’s reach is still unknown, it has reached 99 countries and was expected to affect the United States as of May 15.
What Can You Do?
There are several things you can do right now to protect your computer system.
- Microsoft has released an update that may help defend against Wanna Decryptor.
- Update your software on your system today.
- Backup all your data at both work and home.
- Do not open unfamiliar emails.
- Do not click on files or pop-ups that you do not recognize.
Many sources are saying that Wanna Decryptor is considered a rare ransomware outbreak in both scope and tenacity. While this may be true, this outbreak is bringing organizations large and small to their knees. Be prepared for ransomware, hardware malfunction and other inevitable system issues by calling CMIT Solutions of Centreville to discuss a disaster plan today.
CMIT Solutions of Centreville provides a strategic approach to IT consulting that improves performance of your business technology in the most cost-effective way possible. Assisting businesses in Centreville, Chantilly, Dulles, Gainesville, Manassas and Haymarket, we can help you achieve the fastest return on your technology investment. Call 703-881-7738 today to see how we can help your business stay in business.