'WannaCry' ransomware attack: What you need to know

WannaCry is a virulent form of ransomware that infected outdated, insecure versions of Windows at catastrophic scale. Attacked system were encrypted and users shut out of their files, the only thing left accessible — a demand for $300 in Bitcoin to unlock the systems.

Richard Devine, writing for Windows Central:

What is WannaCry?WannaCray is a piece of ransomware that infects computers with the intent of monetary extortion in return for access to the contents of the PCs. It encrypts files, claiming only to let you back in upon receipt of the ransom.Which platforms does it affect?So far it only affects Windows systems, with the most well-known target being organizations that are still using Windows XP. WannaCry utilizes an exploit in Windows to get in. The exploits are reportedly ones which were stolen from the U.S. National Security Agency (NSA). The latest versions of Windows were quickly patched following the theft, but XP was not.

Does that mean Mac users don't have to worry?

If you're running macOS on Mac hardware, you don't have worry about WannaCry specifically, at least so far.

If you're running an outdated version of Windows on Mac hardware, especially Windows XP, then it's just as vulnerable as any similar Windows system.

Other forms of ransomware have been discovered on the Mac in the past, though, so it's something everyone should be vigilant about.

How do you protect yourself from ransomware?

There are a couple of things everyone should do to minimize the chances of being adversely affected by a ransomware attack:

  1. Always have an up-to-date backup. That includes local backups like TimeMachine and online backups from a service provider like BackBlaze, Crash Plan or Carbonite.

    How to back up your Mac: The ultimate guide.
  2. Don't click on links in emails or on web pages you aren't 100% sure about. If something looks fake, avoid it, ask about it, or type the site name into your browser and navigate from there.

Wait, these exploits leaked from the NSA?

Yup.

But... but, last year didn't the government wanted Apple to create a backdoor in iOS they claimed would never leak?!

They most certainly did.

It would be funny if it wasn't so terrifying.

Help! I run Windows — where can I learn more about WannaCry?

Our Microsoft-centric site, Windows Central, has ongoing coverage.

Read: WannaCry ransomware FAQ: Everything you need to know

Rene Ritchie
Contributor

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.

12 Comments
  • Heard my sister tell someone yesterday that Mac users don't need to worry about this stuff. Then told everyone how your Macbook was remotely hijacked and she had to have it wiped.
  • Macs won't be affected by WannaCry specifically, but are obviously vulnerable to other attacks. As always, follow basic security:
    - Keep your OS updated
    - Use an antivirus, and run a full scan every month or so
  • "macOS on Mac hardware" - "macOS anywhere" FTFY. This is Windows only, a Hackintosh is fine here. It may get something else, if you download the ISO from a cracked site. But WannaCry is Windows only.
  • I would be utterly confused if this happened to me. My mom has a newer PC, but i realized if this happened, she has no idea how to go about buying bitcoins and going through all that. I don't, either, for that matter. And how do I do it with my now useless computer.
  • Giving in to the ransom isn't the solution as it only increases the likelihood of these attacks happening again. Instead, google how to get rid of it, there's plenty of information online
  • Both Windows XP, Windows 8 and Windows Server 2003 (all technically unsupported) were patched for this vulnerability on May 12th. https://webcache.googleusercontent.com/search?q=cache:IsnYv9Y0h6wJ:https...
  • Microsoft released a patch for the bug (which is a bug in the SMB protocol patched in March) so in order to be infected you had to be 1). Running windows XP 2). have not updated that windows XP for a few months and not installed the patch. If you were running a more modern version of windows or macOS this specific ransomware can not affect you yet you suggest that all versions might be immune unless I read it wrong?
  • The Windows XP patch was only released as an exceptional circumstance after the attack had taken place, as Windows XP is unsupported. In other words, you shouldn't be on Windows XP, or Windows Vista for that matter as Vista is now unsupported too
  • This: > But... but, last year didn't the government wanted Apple to create a backdoor in iOS they claimed would never leak?!
    >
    > They most certainly did.
    >
    > It would be funny if it wasn't so terrifying." And the ex-FBI head was backing a new bill to force decryption without using the directly using the word "backdoor" … it was an anti-end-to-end-encryption law.
  • I don't see what relevancy this has to this article whatsoever
  • Are you really that shortsighted, or are you just trolling for sport?
  • Just so people are aware: Windows 7 has been hit hard by this malware, not just computers still using XP.