WannaCry ransomware: What it is and what you need to know

May 17, 2017

Johns Hopkins computer experts have been working overtime to help the public understand the ongoing global cyberattack that began Friday and affected 150 countries. A malicious software—or malware—called Wanna Decryptor, or WannaCry, exploited a flaw in Microsoft’s software security in order to hijack the hard drives of 230,000 computers around the world, holding data on those computers hostage until a ransom of various amounts has been paid.

At this point, it is unclear who the perpetrators of the attack are, or how much money their operation has raised. JHU cryptographer Matthew Green and computer scientist Avi Rubin have spoken about the attack and how to protect your computer from falling victim.

How do I protect myself and my computer from WannaCry ransomware?

Green, whose research includes techniques for privacy-enhanced information storage and anonymous payment systems, spoke with Marketplace Tech about what people need to do to protect their Microsoft computers from the attack, and the answer is pretty straightforward: “[People] need to install patches. For most people, that means run Windows Update—make sure it’s turned on and that your computer is getting updates regularly,” Green said. “If you do that, you’re fine.”

In an interview with Information Management, Rubin, a professor of computer science at Johns Hopkins and technical director of the JHU Information Security Institute, said that “having backups of your data is the best response to the ransomware threat, because if you have data backed up, there is no need to pay someone ransom in the first place—as long as your backups are current.”

Rubin further explores the ethics and implications of paying ransom to decrypt information in a recent blog post on the subject.

Excerpted from The Hub.

Categories: ,

JHU Information Security Institute