Friday was the “Safe Mode” day in a ransomware attack
Last week, the “WannaCry” ransomware attack hit 150 countries, locking more than 200,000 computers worldwide, and leaving users with a $300 payment demand on their screens. Hospitals, government agencies, and many other businesses experienced a genuine “Black Friday”, being forced to disrupt their activities. The most harmful effects were felt by the UK hospitals that had to cancel their non-urgent services, sending multiple patients back home.
The “WannaCry” attack apparently used an NSA exploit, called ETERNALBLUE, a software that allowed hackers to break into thousands of computers using Windows operation system. The main reason for the ransomware attack’s success appears to have been an unsolved flaw of Window’s network protocol used for file sharing and printing. However, in March, Windows fixed this vulnerability and released a software update, which unfortunately wasn’t taken into account by many users.
According to some security researchers, the ransomware wasn’t spread by human error, but by a worm that was once entered into the system, it spread within the entire network. The only thing that could have prevented this from happening was for every Windows user to update their software with the latest version.
As I always say, everybody should treat these cyber-attacks as a wake-up call and start improving their cybersecurity strategy. This is not the first, nor the last ransomware attack, and what we should all do is be up to speed on best practices and learn how to avoid similar tragedies. Here are some insights that will help you prevent WannaCry type of attacks in the future:
Be careful what you click
Human error is probably the number one cause for most of the cyber-attacks. The only thing a hacker needs for opening the door to your company’s network is for you to click their link. It is that simple!
The first and crucial rule is never to open an email or an executable file received from an unknown or unreliable source. Be cautious with emails from your closest friends and relatives. Any email can be spoofed to fool the recipient to think they are reading an email from their best friend or coworker if you are not expecting to receive an email containing an executable attachment or a need to click here message, be cautious and inspect the link.
Never use outdated or pirated operating systems
Many companies are still using pirated operating systems without thinking of how this is jeopardizing their businesses. An outdated and patched OS was the reason why thousands of users paid $50,000 in Bitcoins to recover their files.
Say yes to automatic updates
Automatic updates might save your business from cyber-attacks. I know, from my personal experience, that time is a precious asset for everybody, and sometimes you might overlook updating your software on a regular basis. Keeping automatic updates on is the easiest way to prevent these types of incidents.
Use a reliable anti-virus and firewall solutions
Nowadays there are more than enough anti-viruses and firewalls available on the market, even free ones, which are very easy to install and use. Investing in a good internet security solution is money well spent!
Backup your data
Backing-up your data is among the most important thing you need to do on a regular basis. If somehow, your system or network gets hacked, you will still be able to recover the information you had on your computer. If a hacker asks for a $300 ransom, you might not need to dig into your wallet.
Preventing your computer to be hacked has a lot to do with best practices and discipline. Be careful what you click on, update your software, and look into Anti Virus solutions. I hope you enjoyed the article and looking forward to your comments.
Photo source: pexels.com
