The Computer Specialist Logo
CALL US
405-627-3168
FOLLOW US
  • Home
  • Services
  • Frequently Asked Questions
  • Book Appointment
  • Request a Quote
  • Blog

Decrypt0r? I hardly knew ‘er! WannaCry and the Importance of Updates

May 15, 2017 by John

Three years ago, Microsoft declared that Windows XP would finally, finally be “end-of-life”d. That means no more updates, no new features, no new security patches, nothing. And yet one in 20 machines are still running it. The web hasn’t gotten safer.

You can be infected by advertisements, let alone targeted attacks or domain takeovers. Hackers know what systems are vulnerable and how to attack them. Governments stockpile exploits instead of telling companies about them. Individual hackers do the same, with no oversight either. If you use Windows XP or 8, you are telling those hackers that you don’t value your secrecy and they can come right on in, thank you very much.

WannaCry: The Ransomware Heard ‘Round the World

WannaCry (or Wanna Decrypt0r, or wcry) is a ransomware attack that, as of May 15, has infected health systems and banks. It uses information gleaned from leaked NSA documents to attack older Windows machines. That’s right, only the old ones. If you’re on Windows 10, the worm cannot touch you. Sure, Windows 10 can be a pain. But keeping up-to-date prevents bad stuff like this from happening. There are two kinds of exploits: just regular ones, which is what WannaCry used, which companies have probably already patched out in newer versions, and what are called “zero days” because that’s how many days you have to prepare for them. Zero days are seriously bad, but they’re not something that regular users like you can worry about. There’s nothing to be done. Keep your backups in a safe place, be careful on the Internet, use antivirus. Although, Zero Days are also likely to get through a lot of antivirus. But they can help sometimes, and that’s better than nothing, which is what you’re doing if you’re running Windows XP.

Sometimes people have legitimate reasons for not updating. New versions can break compatibility with old software. Old software like what runs bank transactions or medical records. That code was written in the 70s and 80s and has never been updated, but it is still mission-critical. Newer solutions may not work as well for dozens of reasons. But if you’re not in that kind of situation, let Windows Update do its thing. If you are in that kind of situation, you should have an IT department because your company has been around for decades.

The Dirty Details

WannaCrypt is based on NSA information leaked by a group called “The Shadow Brokers”. They found a cache of documents and software tools used by a group called “Equation” designed for cyberwarfare. Then, they released it. They kept some back, holding it “ransom” and asking for one million bitcoins – at the time of writing, one billion dollars. They then realized that they were asking for a billion dollars, and lowered it to 10,000 bitcoins, and allowed people to “crowdfund” it with the hopes of releasing it to the public. It would be better for the information to be public rather than in the hands of someone malicious, because even though malicious people can access it, the “good guys” can, too. You know, security researchers and the like.

The tools used in this attack were codenamed “EternalBlue” and “DoublePulsar”. EternalBlue is the exploit; it gains access through unpatched Windows code. DoublePulsar is what is termed the “payload”. It is a very sophisticated piece of software that leaves no trace of its existence once it is done. It is only possible to detect it after infection and before a reboot. No one understands exactly what it does, yet, but researchers at CounterCept have made some progress. But it can inject arbitrary information into your system, and WannaCrypt took the opportunity to inject software that encrypts your hard drive and doesn’t give you the key.

In conclusion, patch your machine. If you don’t know how, that’s ok. We can help.

You can contact us with the linked form, or you can call us at 405-627-3168. We can set you up with a remote monitoring program and perform system updates for you, and provide antivirus. We can provide backup services. Act now, before you get hit by one of these worms. If it’s not WannaCrypt, it’ll be the next one. Hackers are only getting smarter.

Filed Under: Internet Security Tagged With: ransomware, wannacrypt

Share:

Services

  • Mobile Phone Repair
  • Remote Tech Support
  • Online Computer Help
  • Small Business IT Services
  • Data Backup and Recovery
  • Networking
  • Virus Removal & Prevention

Recent Posts

  • The Psychology of Social Engineering
  • 3 Tools that Hackers Use to Assault Your Computer
  • Decrypt0r? I hardly knew ‘er! WannaCry and the Importance of Updates
  • Anatomy of a Social Engineering Attack
  • How to End the Threat of Social Engineering

Testimonials

  • Over the last twenty years I have served both small and large business clients as a contract accountant. When there has been a need for computer technical assistance in these offices or in my own business office, I have used John Williams, dba The Computer Specialist. I have found that he makes himself available to... Read More
    Kathy F
  • John spent several hours setting up my new home computer system. He took out the hard drive and installed a 500GB SSD. He needed some special installation pieces and went to a local source without billing me for his travel time there and back. He did a great job and I have his number in... Read More
    Dr. Robert G
  • We've been very impressed with the whole process of top to bottom site system security monitoring of our computers as well as the installation, maintenance, and upgrades done with our surveillance platform for our commercial property. From consulting to quote to execution and beyond we have been very pleased with every aspect of the business!... Read More
    Andrew R.
  • very nice man to deal with, came a day earlier than he said he would. gave me a call to let me know. he did a great job and it looks very nice as well. I now have internet in my shop as fast as in my house. thanks John for a job well done Read More
    Gary H.
  • You recommended them. They picked up my computer and determined the hard drive crashed. They replaced it and were able to save all my docs and photos. Extremely pleased. Read More
    Larry C.

VISIT US

FOLLOW US

The Computer Specialist

405-627-3168
218 1/2 East Main St. Suite "B"
Norman, OK 73069

Testimonials

  • Over the last twenty years I have served both small and large business clients as a contract accountant. When there has been a need for computer technical assistance in these offices or in my own business office, I have used John Williams, dba The Computer Specialist. I have found that he makes himself available to... Read More
    Kathy F
  • John spent several hours setting up my new home computer system. He took out the hard drive and installed a 500GB SSD. He needed some special installation pieces and went to a local source without billing me for his travel time there and back. He did a great job and I have his number in... Read More
    Dr. Robert G
  • We've been very impressed with the whole process of top to bottom site system security monitoring of our computers as well as the installation, maintenance, and upgrades done with our surveillance platform for our commercial property. From consulting to quote to execution and beyond we have been very pleased with every aspect of the business!... Read More
    Andrew R.
  • very nice man to deal with, came a day earlier than he said he would. gave me a call to let me know. he did a great job and it looks very nice as well. I now have internet in my shop as fast as in my house. thanks John for a job well done Read More
    Gary H.
  • You recommended them. They picked up my computer and determined the hard drive crashed. They replaced it and were able to save all my docs and photos. Extremely pleased. Read More
    Larry C.

Copyright © 2021 · The Computer Specialist · 218 1/2 East Main St. Suite "B", Norman, OK 73069 · Powered by Tech Site Builder