Ransomware – What it is and how to protect yourself
By now you probably know about the disastrous ransomware attack that started in the UK last week and currently impacts millions of computers worldwide. This brief explains what’s going on and how to avoid being affected yourself.
Ransomware is an insidious form of malware (bad software) that encrypts all the files on your computer and makes you pay hackers a ransom to unlock them. If you do not pay the money, you will never be able access any of your files.
The current form of ransomware that has swept the world is called “WannaCry.” No one knows where it came from or why it was unleashed. The good news is that a young security researcher in England appears to have deactivated it. However, that doesn’t mean you should breathe a sigh a relief. This class of malware is here to stay and is likely to proliferate in the future.
In this particular case, the ransomware only affects Microsoft Windows systems. If you have a Mac, you are safe from this one, as are users running Windows 10. The virus is based on a bug in older Windows software, which Microsoft fixed in March 2017. Users of older software whose computers were affected had not run Microsoft updates.
To protect from this and future malware, we suggest doing the following.
- Run updates for your software, if you haven’t done so already. Set up your system to run updates automatically – for all systems, including Mac. Mac software hasn’t suffered one of these attacks yet, but almost certainly will be vulnerable in the future. Incidentally, you should do this for your phones and tablets as well.
- Upgrade to a current operating system if you are on an old one. The newer systems are more secure and, moreover, vendors are no longer issuing security updates for older software. In the Windows world, this includes Windows XP, Vista, Windows 7, and anything older.
- Install a current anti-malware/anti-virus package and make sure that the program updates itself regularly with new data on malware.
- Back up your device and continue to run regular backups. If you do suffer an attack, it is easier and less expensive to reinstall your operating system and restore your files from backup than to pay ransom and risk running a contaminated machine.
- Do not open emails from sources you don’t know. Even if an email is from someone you know, do not open attachments unless you are expecting them. Similarly, don’t click on links in emails unless you are confident they are legitimate. This is the main way malware of all kinds is propagated these days, so this step is crucial.
These are things everyone should have been doing anyway, but with the current scare about ransomware, remembering and practicing these simple steps is vital to avoiding future problems.
If you are interested in the technical details about this and other malware, go to https://www.us-cert.gov/ . This is the website of the United States Computer Emergency Readiness Team (US-CERT), which is part of the US Department of Homeland Security.