Since it was first uncovered on Friday afternoon, the WannaCry ransomware attack, which has affected England’s National Health Service and prompted companies like automaker Renault to idle their factories, continues to spread throughout the world. It has since impacted over 10,000 organizations and 200,000 individuals in over 150 countries.
While measures have been taken to slow the spread of the malware, new variations have begun to come about. a 22-year-old cybersecurity expert known as MalwareTech slowed the attack by registering a domain name he discovered in the ransomware’s code. He warned, however, that another attack is imminent – one which will work around his fix.
Since Friday, research have discovered two new variations of the ransomware – one which has been blocked with another domain name registration and another which, in spite of not having a kill switch, is only partially working.
The malware exploits a security flaw in Windows XP, and once it infects a computer, it encrypts the files and spreads to others computers. Victims whose computers have been infected receive a demand for a payment of $300 worth of Bitcoin in order to regain access to their files. However, despite the attack being widespread, it is widely believed that the perpetrators have only received approximately $20,000 in payments.
Europol Director Rob Wainwright told the BBC that businesses should ensure that their systems are updated with the latest security patches in order to mitigate chances of further infection and to slow the spread of the ransomware. He also noted that Europol is working with the FBI to apprehend the people responsible for the attack.
On top of updating security patches, experts also warn users to be wary of e-mails that carry dubious attachments and links which, when accessed, readily crawls into the system. Experts also advise users to back up important data on storage devices that are physically disconnected and install anti-virus software that can detect and prevent the spread of malware.
In the event that a computer is infected with malware, experts say that users should not pay the ransom as there is no guarantee that the files will be returned and whether the perpetrators will refrain from attacking the user again.