Over 237,000 computers worldwide were affected by malware known as WannaCry last weekend. And although the spread of the ransomware attack slowed over, the respite might only be brief.
What does WannaCry do
Wanna Decryptor, also known as WannaCry or wcry, is a specific ransomware program that locks all the data on a computer system and demands a $300 payment in Bitcoin before unlocking it. Specialized IT companies like Penta had their experts working over the weekend to make sure all preventive measures are in place to ensure that no critical business is affected.
The malware was able to spread thanks to flaws in old versions of Windows. And although Microsoft has taken a rare step of issuing patches for unsupported Windows’s versions, and a security researcher triggered the kill switch to halt the global spread of the virus, the threat is not over yet.
How to prevent it
It is difficult to prevent determined hackers from launching a ransomware attack, but being careful helps. Cyber attackers need to download the malicious software onto a computer, phone or other connected device and the most common channels are compromised emails and websites.
According to Microsoft’s Malware Protection Center, there are certain steps you should take to protect yourself against WannaCry or any other ransomware:
- Install and use an up-to-date antivirus solution
- Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with
- Ensure you have smart screen (in Internet Explorer) turned on, which helps identify reported phishing and malware websites and helps you make informed decisions about downloads
- Have a pop-up blocker running on your web browser (Chrome, Internet Explorer, Safari)
- Regularly backup your important files
- Check if you have the latest Microsoft patches: click Start > Control Panel > System and Security. Under Windows Update click the View installed updates link. For Windows 10, go to Start > Windows Updates > Updates History.
If you don’t have patches from April or May download the latest update version from the Microsoft Update Catalog, and install it.
You’re only as strong as the weakest link in your organization
Have a clear set of security rules which are known and followed by all the employees. You can have the most secure system in the world, but hackers will always seek out the weakest link.
According to the ACC Foundation: State of Cybersecurity ReportData breaches are most likely to be the result of employee error or an inside job. Make sure your internal security policies are in place. Handling the aftermath of any crypto malware attack is a huge challenge for any organization. Prevent it before it becomes your problem.