WCry/WannaCry Advice for UK Businesses

WannaCry Ransomware: A Wake-Up Call for Businesses Still Using Outdated Systems

Back in May 2017, the world witnessed one of the most widespread cyber-attacks in recent history—WannaCry ransomware. Over 200,000 systems across 150+ countries were compromised, including critical infrastructure such as the NHS. This malware was spread primarily via email attachments, encrypting valuable data and demanding a ransom starting at £230, escalating to £660 if unpaid within 72 hours.

WannaCry specifically targeted older Microsoft operating systems such as Windows XP, Windows 2000 Server, Windows 2003 Server, and Windows 8—systems using the outdated SMBv1 (Samba v1) file-sharing protocol. Windows 10 and later versions, which received timely security updates, were largely unaffected.

The key takeaway? Running legacy systems exposes your business to significant cybersecurity threats. Once a single device is infected, the ransomware attempts to spread across the entire network, potentially paralysing operations and causing serious data loss.

In 2025, this incident remains a stark reminder of the importance of proactive IT management. Businesses must prioritise regular software updates, replace unsupported operating systems, and invest in robust cybersecurity strategies. An IT Support Contract can help ensure your systems stay protected and compliant—shielding your organisation from the next WannaCry-style ransomware attack.

The malware's name is WCry, but also uses variants such as WannaCry, WanaCrypt0r, WannaCrypt, or Wana Decrypt0r.

What Action Should You Take?

• Do not open any attachments in E-Mails where you do not know the sender.
• Ensure you buy cybersecurity software and install it on your computers, smartphones, and servers. (Free products such as AVG just aren't good enough)
• Ensure Windows Update is enabled and you have all the latest updates installed.
• Perform regular (daily) backups of any data you do not want to lose and ensure this is held off-site. USB drives connected to your computer or server will also be encrypted by these types of viruses.
• Ensure that your staff are aware of the outbreak and know what to do should they accidentally infect a PC. (See Below)
• Upgrade all systems to Windows 10 as soon as possible.
• Use a perimeter firewall with virus scanning to block viruses BEFORE they enter the network.
• Conduct end-user training to improve internal procedures.
• Review the use of personal E-Mail systems within the workplace.
• Review the use of using personal USB devices and connecting smartphones to computers.
• Devise a disaster recovery plan.

What Should I Do If I Become Infected?

• Immediately remove the network cable from the back of your computer and disconnect from any WiFi networks.
• Remove any attached USB storage device from your computer
• Turn off your PC.
  
  

At this point, you should call in an IT expert to reinstall your computer. Whilst the virus/ransom-ware can be removed, the damage that has been done cannot. We would highly recommend simply reinstalling your computer if you're unfortunate enough to be infected and restore your files from backup.