The recent WannaCry ransomware attacks have a lot of people wondering if their business is at risk from malware attacks.
The short answer is yes. The long answer goes on for a bit more, but the answer is still yes.
Don’t panic! There are some simple things you can do to help prevent these attacks from shutting down your business or stealing your sensitive data.
What is WannaCry?
WannaCry (or WannaCrypt) is a ransomware computer worm that has recently infected over 300,000 computers worldwide.
The worm exploits a vulnerability in Microsoft’s Windows operating system, encrypting files on the device and spreading to other devices on the same network.
A ransom of $300 (payable in Bitcoins) is demanded, and the ransomware claims files will be unlocked after payment is made.
Whether or not any files have actually been decrypted after payment is received remains unknown.
Who Developed the Worm?
The vulnerability was first discovered by the NSA, and was made public by the hacker group The Shadow Brokers, who originally tried to sell the information but had no offers.
The WannaCry worm was developed to exploit this vulnerability, and is believed to have been created and deployed by North Korea.
How Does it Infect Computers?
No one is quite sure how this worm initially infects computers, but commonly they are hidden in email attachments that need to be opened before they can infect.
Some malware can infect computers when a website is visited or an image is viewed, but these types are much less common.
Once it has access to one computer on a network, the worm automatically spreads to the other networked computers.
These additional victims do not need to open an attachment, visit a site, or view an image - simply being connected to the network is enough to infect them.
How Can I Prevent It From Infecting my System?
Digital security is not a one time event. Simply installing an antivirus program will not ensure that your computer remains ransomware, virus, spyware, or malware free.
To paraphrase Thomas Paine, “Eternal vigilance is the price of surfing the internet.”
There are several steps you can take to help make sure that your computers do not become infected with this (or any other) malicious program.
Here are the 5 most important things you can do to help keep your system running smooth:
- The best way to prevent these problems is to not let them start. Operating systems regularly update their software to patch vulnerabilities as they are discovered.
- Make sure that your computers are set to auto-update so your systems are fully protected at all times.
- Keeping your system up-to-date will go a long way towards making sure there are no vulnerabilities to exploit.
- Most malware initially enters computers through attachments to email. You should never open an attachment from an unknown sender.
- Some malware is designed to look like it comes from a trusted source. Never provide your passwords, login info, or any other sensitive info via email.
- If a company you do business with needs you to login and take some action, go directly to the business’s website. Do not use the email link (just in case).
- Some malware can enter a computer through images. Disabling the image preview in your email settings will solve this issue.
- Some email has taken steps to eliminate this problem, so check with your email provider to see if image preview is safe to use.
- Sites like virustotal.com can scan suspicious files before you open them, letting you know if an attachment is safe. As a rule, if you think a file needs to be scanned, just don’t open it.
Backup Your Data
- You need to be backing up your data at least once a day. The more your business relies on its files, the more often you should be doing this.
- Make sure that you’re backing up your files to the cloud or an unconnected drive or server.
- If the backup storage is connected to the infected computer, it will be infected as well. Connect the storage only during the backup, then disconnect.
- Never, ever connect to an unsecured wifi network. Connecting to an unsecured network leaves your device open to hacking from anyone in range.
- If your business provides wifi to your customers, make sure you secure the network. Give them a password so they can login and surf safely.
- Don’t forget to change the password from its original setting, as well. Nobody wants to type in that mess of numbers and letters.
- This is actually a good rule for every situation. Try and implement this throughout your day.
- Don’t go to questionable websites. If you aren’t sure if a website is a good actor or not, google the business and see if anyone else is talking about this site.
- Don’t click on pop-ups except on trusted sites and from trusted sources. Use the task manager to close any pop-ups you think might be questionable. Sometimes clicking anywhere inside a pop-up (even on the “x”) will only cause more trouble.
- It’s called clickbait for a reason. If a deal sounds too good to be true, it’s malware.
No system is completely safe, but by following a few simple rules, you can go a long way towards making sure your computers and data are kept safe from attacks.
Institute a company-wide policy on emails, inform your staff about the policy, and make sure it is adhered to.
Have IT ensure that operating systems are kept up to date and that anti-virus software is installed and run on a regular basis.
Backup your data. Backup your data. Backup your data.
By backing up your data regularly, installing updates as soon as they are available, and using some common sense, you can stop most attacks before they begin.