How to protect yourself from 'WannaCry' ransomware attack

'WannaCry' ransomware attack: What we know

Georgia Attorney General Chris Carr is urging people to take precautions after a massive ransonware attack that has crippled thousands of computers at banks, hospitals and government institutions. 

The WannaCry ransomware variant has infected computers in at least 74 countries. 

Ransomware is a type of malicious software (malware) designed to block access to a computer system until a sum of money is paid.

RELATED | 'WannaCry' ransomware attack: What we know

The ransomware took advantage of a flaw in Microsoft's Windows operating system. Microsoft had issued a patch on March 14, but many computers hadn't run the update. Because many of the computers impacted run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.

Carr's office provided the following information help residents lower their risk of attack: 

What is Malware?

“Malware” is a broad term that refers to malicious software. Depending on the purpose of the malicious software, it may simply be a nuisance causing your computer or device to repeatedly crash. Malware could also be a type of spyware designed to monitor computer use, steal personal information or commit other types of fraud. Malware can also infect phones, tablets, and other mobile devices.

Ransomware

Ransomware is a subset of malware that infiltrates computer systems or networks and uses tools like encryption to deny access or hold data “hostage” until the victim pays a ransom, frequently demanding payment in Bitcoin. In the typical case, the criminals demand between $500 to $1,000, but some have demanded as much as $30,000. For instance, some hackers will delete the victim’s files if payment isn’t made within a specified period of time, and many newer variants use highly advanced methods of encryption. Ransomware can be incredibly profitable to criminals, many of whom now have the resources to hire professional developers to build increasingly sophisticated malware (Federal Trade Commission).

How do I Report or Avoid Malware/Ransomware?


Dealing with Possible Fraud:

  • Contain the attack: Disconnect infected devices from your network to keep ransomware from spreading.
  • Restore your computer: If you’ve backed up your files, and removed any malware, you may be able to restore your computer. Follow the instructions from your operating system to re-boot your computer, if possible.
  • Contact law enforcement: Report ransomware attacks to the Internet Crime Complaint Center, FBI’s Cyber Division (CyWatch@ic.fbi.gov or 855-292-3937) or an FBI field office. Include any contact information (like the criminals’ email address) or payment information (like a Bitcoin wallet number). This may help with investigations.

Install Reputable Security Software: At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Viruses can be planted in emails or attachments to emails, in programs or files that you download, and even in Web sites that you visit. These viruses have the potential to wipe out your computer files.  Anti-virus software scans everything that enters your computer, looking for these viruses. Spyware is software that tracks your computer activity, gathering information without your knowledge. Anti-spyware software blocks or removes spyware. You may obtain the anti-virus and anti-spyware software separately or as a package. For lists of security tools from legitimate security vendors, visit staysafeonline.org.

Use a Firewall: A firewall is a virtual barrier between your computer and the Internet. Everything coming into or leaving your computer must go through the firewall, which blocks anything that doesn’t meet specific security criteria. Before purchasing separate firewall hardware or software, check your operating system to see if there is a built-in firewall and whether it is turned on.

Update Operating System and Software Frequently: Computer and software companies frequently update their programs to include protection against new security threats. Simply updating your operating system and software whenever new versions become available gives you an added measure of security. If available, activate automatic security updates so you will be alerted when updates are issued.

Avoid “Free” Security Scans: Be suspicious of an offer of a “free security scan,” especially when faced with an unexpected pop-up, email, or an ad that claims “malicious software” has been found on your computer.

Create and Protect Strong Passwords: Create strong email passwords and protect them with the following tips:

  • The longer the password, the tougher it is to crack.  Use at least 10 characters.
  • Mix letters, numbers, and special characters.  Try to be random – don’t use your name, birthdate, or common words.
  • Don’t use the same password for different accounts.  If it’s stolen from you, it can be used to take over all your accounts.
  • Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.
  • Keep your passwords in a secure place, out of plain sight.

Use a Pop-up Blocker: Don't click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.

Use the Spam Filter: Utilize your email program’s automatic spam filter, which reduces the number of unwelcome email messages that make it to your inbox. Delete, without opening, any spam or “junk mail” that gets through the filter.

Backup Important Data: No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.

Read more about the indicators associated with the specific WannaCry Ransomware incident here.

© 2017 WXIA-TV


JOIN THE CONVERSATION

To find out more about Facebook commenting please read the
Conversation Guidelines and FAQs

Leave a Comment