One of the fastest spreading security threats across the globe is the emergence of ransomware. Ransomware is a malicious computer application whose main purpose is to lock/encrypt people data in the computer that the application exists. Such malicious applications are usually transmitted through web pop-ups and email and the proponents of the ransomware usually threaten to delete the data if their specified ransom is not met.
This was the case with the global WannCry ransomware attack that affected more than 200,000 Windows computer around the globe. The attack spanned more than 150 countries including Britain, China, Japan, Germany, and many others, affecting individuals, governmental departments, hospitals, academic institutions, and commercial enterprises. The attack did not discriminate nor select their target as they attacked any computer that was vulnerable, highlighting how dangerous these attacks can be. Moreover, it also highlights how difficult it is for businesses and other entities to protect themselves from such attacks.
Marty P. Kamden, a marketing executive at NordVPN, a private network provider reckoned that the vulnerability to attacks was not a preserve of individuals by stating that big companies and governments, organizations which have a great deal to lose have failed to secure their IT systems and more importantly, train their employees on matters of necessary security practices. He further asserted that cautious use of the internet could have averted the attack by preventing malware infections.
Update Your Operating System – Just like it is with many other ransomware attacks, this particular attack called WannaCry focused on computers running Windows Operating System. Thus computers running non-Windows Oss and Macs were not affected. The WannaCry is thought to have first infected computers through email downloads. Thereafter, the malicious code was spread through Windows file-sharing system to other computers in the same network.
However, the most astonishing thing about this particular attack is that Microsoft, the maker of Windows had released a patch to negate the vulnerability that WannaCry took advantage of some eight weeks prior to the attacks, as Veracoe’s chief technology officer – Chris Wysopal – points out. He further reckons that had people updated their Operating Systems, the attacks could not have happened.
In many regards, it is the consumer’s complacency that made this attack as pervasive as it was. With this in mind, it is in our best interest to update our Operating Systems as soon as the updates are available. It is even better when you configure your computer to automatically install the latest software updates available.
Make Use Of High-Quality Antivirus Software – Aside from carrying our updates are required, it is in the best interest of consumers to install a high-quality antivirus software such as Norton , Bitdefender, Kaspersky, or Malwarebytes. Mr. Kamden reckons that at least 30 percent of the popular antivirus programs could have detected the malware presence and taken neutralizing steps.
However, it is not enough to install antivirus software. You should ensure that its virus definitions are always up-to-date. This means that you should regularly update your antivirus or simply configure it for automatic updates. You also need to be wary of public wi fi such as those in internet cafe’s or coffee shops as these are an easy target for cyber criminals and especially if you are travelling and unaware of your surrounds so it pays to avoid these kinds of networks for additional safety .As this article on public wi fi safety reveals dont just assume you are safe and it will be ok as this is the very thing a would be cyber attacker is praying on in order to steal your money, data or worse your identity.
However, when faced with a ransomware attack, you should desist to pay the ransom. In many cases, the attackers tend to be overwhelmed and thus are not in the position to unlock the encrypted data. Additionally, some security experts reckon that due to the widespread nature of such attacks, the attackers may not retain the valid decryption keys needed. Hence you may pay and still never get your data back.