You’ve probably heard all about the Wannacry ransomware that’s been spreading like wildfire across computer networks since last Friday- the one that encrypts computer files, demands a ransom (that doubles within 3 days) and threatens to delete the files in 7 days if the ransom isn’t paid.
So far, it’s affected over 200,000 computers in 150 different countries. By this morning, people had paid just under £30,000- but the true cost in terms of lost time, lost data and lost business is much greater. Germany’s rail network Deutsche Bahn has been affected, as has the Spanish telecommunications operator, Telegonica, French car producer Renault, US Logistics Company FedEx and even Russia’s Interior Ministry. The attack on 61 of the UK’s NHS trusts has resulted in huge disruption to services and delayed or cancelled operations, putting people’s entire lives at risk.
This attack wasn’t specifically targeted at any particular groups or individuals, but just a faceless virus let lose by cybercriminals with no thought of anything but their own profit. The reality is that because we all depend on technology, personally and corporately, our vulnerability runs deep.
Reports of attacks have slowed down, although experts are warning that we shouldn’t expect it to have gone away just yet. A 22-year-old security researcher became an “accidental hero” when his registering of a domain name to track the virus’ spread ended up putting a stop to it. But even he expects that it’s not over: “The attackers will realise how we stopped it, they’ll change the code and then they’ll start again. Enable windows update, update and then reboot.”
This attack is unprecedented in scale. It exploits a flaw in Microsoft Windows that was identified by the US intelligence- but not sufficiently guarded. Microsoft’s Chief Legal Officer, Brad Smith said: “The governments of the world should treat this attack as a wake-up call.”
Keeping up with schemes that endlessly increase in scale and sophistication is a huge challenge. Of course, major security flaws represent potent ammunition for online terrorists and should be more carefully guarded.
But the truth is that every single person who uses a computer has a responsibility to have a basic understanding of the risks. Everyone should practice basic cyber security.
Here are the basic security measures we recommend that everyone should implement:
• Back up your files.
If your files are stored in the cloud and not just on your computer, you’re not going to be held to ransom. Store data on external servers like Dropbox and Google Drive this makes it easy to restore the latest version of your files.
• Use antivirus software
This will scan files before they’re downloaded. It should also block secret installations and seek out malware that may already be on a computer. If you don’t already have it, enabling Windows Defender is free and effective.
• Install updates!
This is vitally important, since new versions of things like Microsoft Windows fix exploitable vulnerabilities. You can set up alerts to inform you when there’s a new release. If you use Windows, make sure you install the patch that’s been released to block the specific exploit that the Wannacry software is using.
• Be suspicious!
If you receive an unsolicited email, be suspicious! Don’t open it, and certainly don’t click on any links. The same applies to adverts and unfamiliar websites. Don’t download apps that haven’t been verified by an official store, and always look at reviews.
Wannacry doesn’t seem to affect website files, but there are plenty of other viruses that do. Viruses are getting cleverer and firewalls and security software can’t protect against everything. The best way to have peace of mind is to back everything up as that protects against every kind of threat. So if you have a WordPress site, make sure that you install UpdraftPlus today.