What Are the Risks From WannaCry and Similar Ransomware?
Maintaining the security of your computers and devices has never been more important. High-profile hacks and ransomware are happening every day, even to some of the largest companies and organizations out there. It’s tough to imagine hackers going after smaller fish, especially someone like you. Sadly, it happens every day, and it will keep happening.
Hackers and the unscrupulous prey on ordinary victims just like you. They use a vast array of cyberattacks, from viruses, Trojans and malware to the more frustrating ransomware. One of the more infamous forms of this is the WannaCry attack that recently swept the airwaves and infected thousands of machines.
Photo by Lewis Ngugi on Unsplash
Like malware, ransomware can be easily avoided by ensuring all your software, applications and anti-virus programs are up to date. You also want to maintain a proper firewall on your computer and local network — this prevents most attacks from getting in. Try to avoid any and all shady websites or areas of the internet and don’t click on any untrusted attachments, links or content.
But what is ransomware exactly, and how can you protect yourself from it? God forbid, how do you deal with it if you’ve been attacked?
What Is Ransomware?
Many cyberattacks are similar in nature and were designed with malicious intent. They are carried out by various types of software, which include malware, ransomware and more. Ransomware, in particular, is a malicious piece of software or code that intentionally locks down a computer or system and then demands monetary payments to remove the lock.
It comes in many different forms. For example, one attack may install cookies that show annoying pop-ups every time you open your browser. Those windows make noise and flash all kinds of ads saying you are infected and you need to pay to have the offending content removed.
Photo by Roman Kraft on Unsplash
A worse attack might encrypt and lock down an entire directory of files and then demand you make a payment to gain access to said content again.
One of the most common demands is to pay in bitcoin, a virtual cryptocurrency common on the internet and across various web platforms. Another might demand credit card information or direct wire transfers of money to a virtual account.
Either way, cybersecurity firms recommend never paying the ransom. There is no guarantee that once you pay, the attackers will release their hold on you. In fact, it’s possible they may even try to extort more money out of you.
What Is WannaCry?
WannaCry is a type of ransomware that took advantage of an exploit in the Windows operating system. Shortly after being discovered, Microsoft released an update to fix the problem, but the ransomware was already widespread.
It was able to infect a lot of machines because many had not been updated, and those using the computers were not aware the ransomware had taken hold.
The most interesting aspect of WannaCry is that the security flaw was originally exploited and used by the United States National Security Agency (NSA) for direct spying. The vulnerability was later leaked, and hackers were able to take advantage of it in their own way.
If you are running an older version of Windows that is not up to date with the latest security patches, then you may be at risk, if you aren’t already infected.
How Will I Know I’ve Been Attacked?
Ransomware of any kind gets its name because it demands payment from the user to unlock access. You will know almost right away if your computer or device has been infected. If you are experiencing these problems, it’s important you adhere to the following instructions:
- Do not under any circumstances pay the ransom or make any payments. Do not share any financial or personal information with anyone, even if they ask. There is no evidence of hackers returning ownership of content.
- Disconnect the infected computers from your network and the internet until they can be cleaned.
- If you do not know what to do or have no idea how to proceed, get in touch with an IT support team.
- Organizations and businesses that have been affected will want to get in touch with law enforcement as soon as possible.
- Restore any backups of data to wipe the infected computers.
If you haven’t already been infected, make sure you update the Windows operating system in full, all of your software and applications and check your firewall and anti-virus software and make sure they are up to date.
How Do I Protect Myself?
There are some general rules you can follow to protect your computer and personal data or that of your organization.
The first is obviously to make regular backups and copies of all your sensitive and important data. If and when you lose access to this content, it helps to have it stored elsewhere. If ransomware infects a machine and you cannot regain access, you can simply wipe it and restore for an easy clean. You won’t lose much — if anything — so long as you made regular backups.
Photo by Ben Koorengevel on Unsplash
Always scrutinize unfamiliar links and attachments no matter what software, application or website you are using. Never open anything from untrusted sources, including contacts. If something looks suspicious to you, even just a little, then avoid it. It’s always better to be safe than sorry.
On a similar note, read “How to create a Secure Website“.
Never download software or content from sources you don’t trust. Email providers like Gmail restrict the download of photos and attachments to protect your security. You can choose whether or not to pull this content based on the contacts and whether or not you trust them. Always remember, it’s possible for someone you know to be infected and become a carrier of certain attacks. Be wary and cautious.
Always update any and all software, including anti-virus and malware programs. As long as you stay on top of your security, you should be fine.