If you’ve done your best to stay away offline for the past two days so you could actually enjoy your weekend, you undoubtedly now find yourself trying to catch up on all the news surrounding WannaCry ransomware. This unprecedented malware attack began sweeping the globe late last week, and security researchers estimated that nearly 57,000 computers in more than 150 countries were infected by the end of the day on Friday. While the spread of this terrifying ransomware was slowed on Saturday, it was hardly stopped. As of Monday morning, more than 200,000 systems around the world are believed to have been infected.

WannaCry is far and away the most severe malware attack so far in 2017, and the spread of this troubling ransomware is far from over. This virus attack targets the Microsoft Windows operating system. The virus is spread through a phishing scam. If you’re not familiar with the term, phishing scams aim to either infect your computer with malware or to steal your personal information, including account passwords. Scammers accomplish this by sending you emails that often appear legitimate in order to get you to download a malicious attachment or to click on a link that will prompt you to provide personal or account information.

This malware is a scary type of trojan virus called “ransomware.” As the name suggests, the virus in effect holds the infected computer hostage and demands that the victim pay a ransom in order to regain access to the files on his or her computer. RansomWare like WannaCry works by encrypting most or even all of the files on a user’s computer. Then, the software demands that a ransom be paid in order to have the files decrypted. In the case of WannaCry specifically, the software demands that the victim pays a ransom of $300 in bitcoins at the time of infection. If the user doesn’t pay the ransom within three days, the amount doubles to $600. After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.

If you are infected – do not pay the ransom. There may be other ways to remove the virus. Contact a qualified technician first.

In recent weeks, we’ve had customers ask about emails that appear to be sent from PayPal. This is a typical phishing scam. Do NOT click on any such links.  Instead, visit your account and see if there are any notices posted there. If not, you are probably safe and you were not hacked.

The best way to protect yourself right now from this most recent attack (and any attack) is

1. NEVER click on links in emails from companies or individuals you do not know. The same goes for opening attachments – do NOT do this unless you are sure of the source.
2. Keep your Windows operating system up-to-date. While this can be annoying for your operating system to be updated, this is done for your protection.
3. Keep your anti-virus software up-to-date. Virus definitions on all Shared Web Hosting Servers have already been updated to protect against this latest threat.
4. Back-up regularly. Our data center has a 2-week standard retention for backups for shared hosting services, so your website is protected.

Shared Web Hosting customers – Our data center performs scheduled maintenance to these systems on regular intervals including Windows patch updates; Antivirus updates; and updating firewall threat definitions and blocking commonly known high-threat protocols. In addition, our data center has taken steps to deploy advanced counter-measures to detect and prevent the process used by the WannaCry threat.

Greg Jameson