First published: 15th May 2017
The WannaCrypt ransomware has hit global headlines since Friday, and there is good advice available from many CERT teams and security researchers for Windows users, but what about Linux?
Although WannaCrypt cannot spread on Linux systems, affected Windows systems will check for disk drives, including network shares and removable storage devices, and encrypt files with extensions matching a long list. Therefore, if you are using a Linux computer as a file server for Windows clients, your files on the Linux server are at risk of being encrypted.
If you have a Linux fileserver with Windows clients, then consider disabling access until you can confirm that all the vulnerable clients have been updated. You might find setting access to Read Only useful in allowing some work to continue while checks continue.
Yui Kee's Chief Consultant, Allan Dyer, admitted, "Eight months ago, I predicted that 2016 was the year of Peak Ransomware, I was wrong. The WannaCrypt incident shows that there are still plenty of vulnerable systems with insufficient backups out there, and criminals are still targetting them. I was over-optimistic about how quickly the factors I mentioned would cause the decline of ransomware. How do you become part of the victory over ransomware? Take regular backups! With recent, offline backups to rely on, you can laugh at the ransom demand."
