Remote Support

What You Need to Know About “WannaCry” Ransomware

Created at May 16, 2017

What You Need to Know About “WannaCry” Ransomeware 

As has been widely reported, a well-orchestrated ransomware attack swept the world this past Friday, wreaking havoc in over 150 countries. Hospitals had to turn away patients and, as of Monday morning, approximately 200,000 systems in a wide variety of industries around the globe had been infected with the malware. This is the most extreme attack we have seen so far in 2017 and unfortunately, there is no permanent fix. Patch your systems and have proper security because this is not going away.

The Ransomware infects files and user data demanding payment until returned. Reports stated the ransom was $300 in bitcoin to start, following 3 days, it would increase to $600 bitcoin and after a full week with no action or payment, all encrypted data would be destroyed.


WannaCry may have gone global attack this past Friday, however, Microsoft, was aware of it and released a security patch earlier this year for vulnerabilities in Windows Software. Many were affected due to the lack of security updates and using older versions of Windows leaving users susceptible to attacks on their files and systems. Although the malware was first detected in March and used by the NSA, there was a report that it was publicly stolen from the U.S. National Security Agency about a month later. The malware is believed to have been stolen by well-known hacker crew, The Shadow Brokers. The malware drops an encrypted file on the seemingly vulnerable system, which is then executed as a service dropping the ransomware file onto the affected system. Approximately 165 extensions are vulnerable to the attack, including commonly used Microsoft extensions, including .docx, .gif, .jpg, and many others. While unusual, the temporary fix for this particular malware was discovered by a 22-year-old cybersecurity researcher in the U.K. He goes by the Twitter handle @MalwareTechBlog and by pure luck, managed to derail the entire operation.

Malware Tech noticed that one of the domain names being used in the attacks was not registered. He tweeted that he purchased the domain name, for $3, thus tracking the ransomware’s spread and unintentionally disarming the attackers.

Although Malware Tech stopped the ransomware spread now, that does not mean it is gone for good. You are putting yourself at a greater risk without a security appliance and without anti-virus software. Do not become a victim in the future. Protect yourself today.

PC users: run the updates on your machines with updates from Microsoft.

-If at all possible, upgrade from Windows XP.

-Do not open emails, attachments, etc. from senders you do not know.

-Always be aware of suspicious emails with attachments that you did not request.

-Never click on links from questionable sources.

-Any time you download or install files from the internet, you are at risk.

Since this malware was so destructive, for the first time since 2014, Microsoft released a patch for Windows XP. Click here to ensure your security is up to date and you are protected.

Questions or concerns? Contact Blue Layer today to discuss your security options. 

  • 5G Beyond Your iPhone

    When we think 5G, we think of our iPhones. We’re just praying that we see it, so small, in the top right-hand corner of our cell. Because we can’t stream videos or load our feeds with LTE, right? And please, no green texts.  But similar to IoT, or the Internet of...