Friday the world was given a sampling of exactly how much damage ransomware can cause. Cyber criminals released a brand new form of ransomware that had the capability to replicate itself and infect other machines on the same network. This allowed it to spread at a very rapid rate. The ransomware’s more notable victims were the NHS, UK’s healthcare sytem and the Spanish telecom giant Telefonica. Surgeries were cancelled, ambulances were diverted and services were interrupted.
This ransomware called WannaCry, took advantage of a vulnerability in Windows that had been found by the NSA and then published on Wikileaks. In March, Microsoft issued a patch that effectively eliminated this vulnerability. You may be wondering why millions of machines became infected if this vulnerability was addressed. The answer is two fold. First, Microsoft has stopped supporting older operating systems such as XP and Vista. That means they do not normally provide security patches for these operating systems. Second, many users do not install the latest updates.
So how to you keep your data safe from WannaCry and other malware?
- Backup your files regularly
We are human, at some point we may click on something we shouldn’t. If all your files are backed up, you can restore your system if you are hit by malware.
- Keep all your applications secure by installing all updates
Programmers are human too. Sometimes their programs are released with vulnerabilities that allow criminals to use the programs for their own purposes. When those vulnerabilities are found, they are fixed with a software update. If you do not install your updates, you leave your computer vulnerable.
Do you have a XP or Vista machine? You should consider upgrading to Windows 7 or 10. In the meantime, Microsoft has taken the unprecedented step of issuing Vista and XP updates to address the vulnerability WannaCry exploits.
- Verify all links and attachments in unexpected emails before opening them
To date the majority of malware is delivered by a user clicking on a link or opening an attachment. Phishing emails are no longer containing, poor graphics, bad grammar or are coming from strangers. More and more attacks appear to come from someone you know, contain relevant content and are slick in their appearance. To truly stay safe, you should contact all senders of unexpected emails containing links or attachments by phone and verify that they actually sent the message.
By following these simple steps, you will avoid the heartbreak of WannaCry.