A ransomware program first discovered on the 12th of May has now infected upwards of 200,000 computer systems around the world, various news outlets report.
Dubbed ‘WannaCry’, the trojan virus operates by holding an infected computer’s file hostage with a demand for payment, typically with cryptocurrency like bitcoin. The first demanded ransom is $300. If the victim does not pay in three days, the ransom is increased to $600. If the victim fails to pay within seven days, the ransomware deletes all encrypted files — a potentially catastrophic situation for a business computer.
The WannaCry ransomware takes advantage of the ‘EternalBlue’ exploit previously discovered by the National Security Agency (NSA). This exploit was kept secret by the NSA in order to further their own intelligence-gathering process — until it was made public by a group of hackers last month.
At this time, the attack is ongoing, and continues to infect more and more systems around the world. Regions hit hardest include Europe, with multiple large organizations reporting their systems were compromised.
Users running Windows XP, Windows 8, and Windows Server 2003 should immediately install this security update released by Microsoft on Friday.
In addition, it may be prudent to back up your computer’s files using a software such as MegaBackup in order to protect yourself further.
For users already infected, there is unfortunately no repair available at this moment (apart from paying the ransom, which is ill-advised).
Cybersecurity experts continue to seek ways to decrypt files held captive, however.