Naavi’s Advisory for Common People on WannaCry

Wanna Cry has not only affected companies, but also individuals who donot actually are target audience for payment of extortion money. Hence this advisory for such people.

Leaving all the technical discussions to the experts, I would like to provide the common man’s guide to fighting the ransomware like WannaCry. This advisory is meant for circulation in the Whats App Groups of non technical persons.

If you are not so far affected by WannaCry, consider yourself lucky. But your luck may not hold for long and hence act immediately with the following steps.

  1. Disconnect Internet and donot use Internet or E Mail until the following exercise is complete.
  2. Buy one external hard disk matching your computer memory and create a full back up of both your operating system and the data.
  3. Windows  provides an easy system back up option. You can use it. Additionally data can be backed up manually.
  4. Ideally have two back ups, one created through windows and another manually.
  5.  Some Anti virus software also provide their own means of creating a recovery disk. Create such a Recovery disk through the anti virus software. Also create another recovery disk through the process recommended by your computer/laptop manufacturer so that you can re-install the operating system from scratch.
  6. Some security software manufacturers may provide options for recovering the computer without re-installing the Operating system. But this may be complicated for an ordinary computer user.
  7. Now go back to the computer and Internet. Update your Windows to current version (Windows 10) and apply all patches. Download updates to your anti virus software. I advise you to also use a paid version of Malware Bytes or such other dedicated anti malware software as a second defense.

Now you may be ready to face the consequences of a future attack. If there is an attack, donot pay ransom. Re format and restore the OS and data from the back up.

In case you are affected before you have taken the back up, it is most unfortunate. If you feel your data is not that critical, forget the incident as a bad dream and start afresh. Even if you are tempted to pay the ransom, beware that buying ransom amount in bitcoin and paying it to the extortionist is itself a punishable offence since it is classic “Money laundering”. Also there is no guarantee that the data would be restored even after payment.

if you are a professional, keep a record that your computer was in fact attacked. This is by having a certified copy of your desktop with the ransomware message. CEAC.IN will provide the details of how this certificate can be obtained. This is required as an evidence since some time later, the taxman can ask you for the data which you may refuse and he may charge you for not providing the required data and assess you with a penalty.

After certification, you can keep the hard disk preserved so that if in the event that some good samaritan finds a decryption key for the WannaCry int he next few weeks, you may restore your data. In the meantime you may use a new hard disk to continue your activities with the precautions mentioned earlier.

Ensure that you donot spread the infection in your computer to other computers by forwarding infection ridden e-mails and messages. You should yourself now stop responding to phishing mails and clicking on the attachments from unknown sources.

If necessary, open your emails first on your mobiles before opening on the computer. Ensure that your mobile also has a good anti virus program running.

Remember that there would be phishing mails suggesting removal of WannaCry which itself may infect. Be careful even if the e-mail appears to come from “Naavi”. There have been earlier occasions when spoofed e-mails have gone apparently from “Naavi”. I will not take any responsibility for it. It is your responsibility to identify phishing e-mails and act cautiously.


(P.S: Experts can suggest corrections if required to the above advisory. You can add your comment so that any person visiting this page would get the benefit of your suggestions.)

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.