Despite successes containing the virus, the Department of Homeland Security is imploring Internet users and providers to be vigilant against the WannaCry ransomware attack, which to-date has affected hundreds of thousands of computers worldwide.
WannaCry, which was first leaked by the NSA for cyber warfare purposes, was eventually obtained by the Shadow Brokers hacker group before the worm was distributed even more widely, experts say. So how does it work? Once a computer is infected by WannaCry, it exploits a vulnerability in older versions of the Windows operating system to encrypt entire systems, then locks users out of their system altogether until they pay a $300 ransom.
But it’s not all bad news. Fortunately, coding errors in WannaCry have made it possible for users to recover their files, according to Kaspersky Lab. But other ransomware files stolen from the NSA have also been released — and some are even harder to detect than WannaCry. Here are four ways to protect your computer from these and other cyber vulnerabilities.
1. Stay Current on Security Updates
The most important key to preventing ransomware attacks is to stay current on the latest security updates. Keeping your software versions, security patches and antivirus software updated is the best line of defense against ransomware.
If your operating system is running on Windows 10 — and you remain judicious in downloading security updates — you should already be protected from WannaCry. Meantime, individuals using older versions of Windows are most vulnerable to the WannaCry attack. However, Microsoft’s website offers guidance on how to prevent and detect WannaCry infections, including a link to install a security update if your system hasn’t automatically done so.
2. Don’t Fall for Common Cyber Scams
Another key to avoiding ransomware attacks is not falling prey to common cyber scams that lure you into clicking on infected links and attachments. To limit any temptation, make sure to employ spam filters to reduce the amount of spam that reaches your inbox. Additionally, use your email software’s preview mode to inspect email messages for any nefarious activity before opening them. Here are a couple of other useful tips:
- Don’t open spam emails or click on any links or attachments inside them.
- Don’t forward any emails from unknown sources.
It’s also important to avoid visiting infected websites. Keep your browser updated to deploy the latest security measures and keep your firewall turned on. To remain safe, don’t click on suspicious or unsecure links, and don’t download any files if you happen to visit those websites.
3. Disable Any Macros
Some forms of ransomware can slip into your system through macros in programs like Microsoft Word and Microsoft Excel. While legitimate macros are useful for automatically executing functions in these programs, hackers can introduce malicious macros onto your system through infected documents or files that then spread the malware throughout your system. To prevent this, make sure to disable macros for these programs.
4. Back Up Your Files
Another important precaution to protect yourself from a ransomware attack is backing up your files. If your files are properly backed up — even if your system becomes infected — you can still recover your files from your backup copy, providing you a safe means to access these materials without having to pay a hefty ransom.
Nevertheless, the best practice when backing up files is to keep at least three copies stored in at least two different locations, with one copy to be kept at a different physical location than your computer. For instance, you might store one copy on your hard drive, one on a backup drive and one on a remote cloud server.
Leading cloud backup services like Mozy allow you to schedule automated file backups that are protected by encryption so hackers can’t access them. Indeed, employing secure data backups provides you assurance against losing your files to ransomware.