Ransomware: How to protect yourself
The global ransomware cyber-attack shut down hundreds of thousands of computers around the world over a few days by exploiting a software vulnerability.
If you feel you may be at risk, there are several measures you can take to protect your computer and its data.
Update your computer by installing patches from Microsoft, especially those using older versions of operating systems such as Windows XP. Microsoft put out a patch two months ago for more recent systems, but not all users may have downloaded it. After the attack, known as “WannaCry,” Microsoft released an emergency patch for older systems too.
RANSOMWARE: WHAT IS IT?
This specific attack aside, all computer users can take precautions to avoid being victimized by an attack. First, don’t open emails from senders you don’t know. Always be on the lookout for suspicious emails with attachments that you did not request, and never click on links from questionable sources.
Remember you are also taking a risk every time you download and/or install a file from the Internet.
Tom Bossert, a homeland security adviser, said that the global cyberattack is something that “for right now, we’ve got it under control” in the United States. The “WannaCry” attack is noteworthy because of its scale, but it’s just one of many types of ransomware that cybersecurity experts see every day. That’s because it’s a very easy way to make money. “It’s a business model that works and you don’t need a lot of investment to actually get a decent return,” said Tim Wellsmore, Asia-Pacific director for threat intelligence at FireEye, a California-based network security company. “You can buy ransomware kits on the dark web, you can buy all the tool sets you need to undertake your own ransomware campaign quite easily,” he said, referring to an area of the internet often used for illegal activity.
Would-be extortionists can launch a global campaign with little effort, yet authorities can do little because it’s very difficult to investigate, Wellsmore said. Microsoft’s top lawyer has criticized U.S. intelligence for “stockpiling” software code that can aid hackers. Cybersecurity experts say the unknown hackers behind the latest attacks used a vulnerability exposed in U.S. government documents leaked online.