Our lives are inextricably tied to our computers and mobile devices, with critical business and personal information stored on these machines and in interconnected information systems.
This leaves all of us vulnerable to increasingly sophisticated cyber crimes including hacks and viruses such as the “WannaCrypt” or “Wannacry” ransomware attacks that have gripped the world over the last week. Local cybersecurity expert Jack Warren explains what you need to know about these most recent attacks and how you can avoid being snared by this malicious virus.
We’ve all heard about this devastating “WannaCrypt” ransomware attack. How – if at all – is that going to impact most people reading this?
WannaCrypt is a specific type of computer virus called ransomware, which locks your files or your computer until you pay a ransom. Ransomware itself is a very real threat to normal people, but WannaCrypt spreads from computer to computer with a glitch in a part of Microsoft Windows usually only used by big organizations, like governments and businesses. That means that the average person’s computers are likely safe from WannaCrypt, but things like hospitals and public transportation could be affected.
Why is this particular attack getting so much attention?
WannaCrypt is a devastating combination of a few things that have really only been seen in isolation before. First, the glitch being used to hack into the computers was actually developed by the United States National Security Agency (NSA) to help the government, but hackers stole many NSA hacking tools earlier this year. Secondly, WannaCrypt is a “worm,” meaning that rather than using a central server to infect computers, each infected computer helps infect more computers, so it spreads more quickly. Lastly, the targets of the attack are a critical to everyone, including governments, hospitals, public transportation, businesses, and corporations.
What should someone do if they are infected and a cyber attacker demands they pay ransom to gain access to their information?
The ideal case is that you have backups of your data, in which case you can roll back your computer to right before you had the virus. Otherwise, try searching Google for the ransom note you’re getting, or the virus name if you can see it. You’ll find specific advice, and in some cases even special tools that can remove the virus and save your files without you having to pay the ransom.
The breadth and sophistication of these attacks can leave individuals thinking there’s not much they can do to protect themselves. What are the two to three things everyone should do to minimize risk in this area?
The biggest way to stop ransomware attacks is to back up your files. One of the easiest ways to do that is by installing a product such as Google Drive or Dropbox and saving your documents there, so your documents are safe in the cloud if anything ever happens to your computer.
A big defense against all viruses, too, is to keep your computer up to date: Microsoft actually patched the glitch WannaCrypt uses earlier this year, and all the organizations being infected simply never updated their systems.
Is there any reason we shouldn’t believe that the future is pretty bleak – that is, these attackers – be they organized crime or government backed-cyberthugs – are going to just keep trying to find new ways to mess with our infrastructure and access sensitive personal and financial data? And can cyber defense experts stay one-step ahead?
Attacks like this actually end up making everyone more vigilant: any of the organizations hit by this attack are definitely going to do their best to not end up a victim again. Hackers will always come up with new glitches and exploits, but Microsoft, Apple, etc. are very fast about fixing issues and it is up to us to make sure our systems are up to date with the latest fixes.