Did hearing about WannaCry made you want to cry? Even if you weren’t affected this time around, here are six steps you can take to improve your system’s security and make sure it’s not vulnerable.
On Friday, May 12, the WannaCry ransomware virus began to make headlines worldwide, affecting over 200,000 people in more than 150 countries and making its way into organizations as large as Renault in France and the National Health Service in the UK. People whose Windows systems were out of date rushed to make updates to avoid having their data held for, well, ransom. Microsoft even issued a special patch for older versions of Windows to help users protect themselves from possible problems. But what was the attack, and how can you protect yourself from something similar?
WannaCry is a fairly typical “ransomware” virus that encrypts data on a hard drive and holds it for “ransom” until users pay a fee (via Bitcoin, in this case) to get it back. It’s important to note that users don’t necessarily get their data back even if they pay the fee, so protecting yourself is typically better than paying up. Like any virus, WannaCry has to spread, which it seems to do primarily through a Windows file sharing mechanism, making networks of computers particularly vulnerable. Security company Symantec has reported a growing surge in ransomware attacks, suggesting that hackers are finding the ransomware approach profitable or otherwise rewarding.
Here are six ways you can protect yourself against ransomware like WannaCry and other viruses:
Okay, so you can’t literally vaccinate your computer. But installing a reliable antivirus program to protect your computer is the next best thing. To avoid ransomware attacks and other viruses, you should act immediately to put a security solution in place that will scan your computer for potential threats and shut them down before they can take malicious action like encrypting, copying or deleting your files.
Always, always, always keep your software up to date. The latest version of Windows had a patch that rendered the vulnerability exploited by WannaCry null, so anyone with the current Windows was “immune” to the virus. Although Windows issued a new patch to combat the virus, people who update diligently didn’t have to sweat it. Sometimes people refrain from updating their systems for fear that an update will cause incompatibility with a system they need to use. This isn’t commonly a problem, but next time the friendly system update pop-up surfaces, ask yourself: is it better to be incompatible with one app or to lose all your data? (Then, update.)
The best way to back up your data is with a secure cloud solution or on a local offline device such as an external hard drive. If you have your data backed up, you’ll never need to pay ransom for it, discouraging people from launching ransomware attacks in the first place.
We can’t say it enough: you should never click on emails or links or download files from sources you don’t. But no matter how many times we say it, it never seems to sink in, so it may bear repeating again: only open emails, click links and download files from known sources that you trust. Otherwise, even the smartest antivirus program might struggle to protect you.
Look for the green checkmark or lock icon to make sure that the websites you visit are protected by SSL (Secure Sockets Layer), which prevents your data from being transmitted anywhere other than exactly where you want it to go.
Although it may seem tempting, it’s not actually a good idea to pay the ransom if you are affected by ransomware. You’re not only potentially revealing financial information to hackers, you’re not likely to get your data back anyway. Reports are saying that tens of thousands of dollars have been paid to the WannaCry hackers, which will only serve to encourage them to create additional viruses like this. If you were affected by WannaCry, wiping your computer and restoring from backups (you have those, right?) is your best option at this point.
Have we convinced you to start backing up your computer yet? How about at least using secure forms? Learn more about the ways we protect user data in this article.