WannaCry Wannabes: A Ransomware Reminder

Next story
Image of computer screen closeup

As the news about the WannaCry (WannaCryptor) ransomware outbreak fades into the background, you might be breathing a big sigh of relief that you didn’t get infected.

So here’s a reminder that you can’t let your guard down.

Another piece of ransomware, known as XData, has also been making the rounds. The first variant was detected by ESET back in December.

Is XData the next WannaCry wannabe? This might just be the start. A new variant was responsible for a spike in activity in the Ukraine between May 17 and May 22, but so far it seems confined to financial institutions there.

One worrisome aspect of XData is its ability to infect all the computers on a network, if users are allowed to run with admin privileges.  Without admin privileges, XData can only infect a single computer, rather than the entire network.

It’s always good security to keep admin accounts separate from general user accounts. Home and small-office users often give everyone administrator rights because it seems easier, but separate accounts are safer, and simple to set up and use.

In addition, it’s smart to log into an account with non-administrator privileges for doing most of your work, and only log in as admin when you need to.

Now, while the ransomware threat is still top-of-mind, here are some other tips for keeping yourself safe:

  • Use a reliable security solution that utilizes multiple layers to protect you from WannaCry, XData and their ransomware kin.
  • Make sure to regularly update and patch your operating system.
  • Keep backups of your files on a remote hard disk or location that will not be hit in case of a network infection.
  • Never click on attachments and links in suspicious or unexpected emails. 
  • If you do become infected, a decryption tool from ESET is now available.

Taking these steps will go a long way toward keeping your computers, devices and data safe.