A Saskatoon IT company says they are preparing for what could be a busy day as a second strain of a damaging cryptovirus starts to spread.
The first strain of the cryptovirus, known as Wannacry, shut down hospitals in Britain and, as of noon Sunday, has impacted 100,000 businesses in more than 150 countries around the world, considered the largest cyberattack in history. Jeff Shirley, the owner of Saskatoon-based Rivercity Technology Services, says the cryptovirus carries a "ransomware", which holds your computer hostage and requires an online payment of $300. After a certain timeframe, that payment doubles, and if you don't make the payment, it encrypts all files on the network. The virus is released when you open an attachment, usually a .doc or .pdf file, from an infected email. Over the weekend, a British cybersecurity researcher was able to identify a "kill-switch" in the malware's code, but Shirley says a second version of the virus, which is more refined and has no known kill-switch, is already in circulation and could spread rapidly when most businesses open up on Monday around the world. Shirley says the virus targets users who haven't installed a March update to Microsoft operating systems older than 2012, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions. Shirley says larger businesses, like FedEx and a Spanish telephone company, have been hit by the cryptovirus because they have a very large network of computers around the world, but smaller businesses can mitigate the risks by updating each computer's operating system. He also suggests equipping a firewall, along with backing up your computer to a removable media so not all your data is linked to the computer network. As for employees booting up their computer first thing Monday, Shirley says if you see emails from unknown sources with an attachment, delete them immediately and do not open the link, as all it takes to spread the virus is a double-click on an attachment. And even if the email is from a recognizable company, Shirley says you should slow down and if you know the person the email came from, call them and ask if they meant to send the email and if it is legitimate.