Cyber-attacks can be so frustrating that you might even be reduced to tears when faced with one. It could be because you have just lost very critical documents that you toiled over for a big presentation. You could also have lost treasured memories to a hacker who blocked them and is asking for a ransom in order to return your files. This kind of frustration must be the reason why they called the most recent global cyber-attack that also hit Kenya the “WannaCry” Virus Attack. According to British TV, the attack affected more than 200,000 victims in at least 150 countries.
The WannaCry Virus is a type of a cyber-attack called a ransomware. A ransomware is a malware that is secretly installed in your personal computer (PC) and locks the system down. After the system lockdown, the owner of the PC receives a message demanding payment in order for their files to be released. In most cases, unless the hacker is not as experienced, all the data in the person’s PC will be lost forever. Paying the attackers does not necessarily guarantee that your data will be released, in fact, in some cases a second ransom is asked.
The WannaCry Virus Attack was finally curbed from spreading by a technology researcher in the UK. However, they mentioned that it is only the beginning and that the hackers are likely to change the code and start again. The UK’s National Cyber Security Center added that some infections may not yet have been detected, and that existing infections can spread within networks. Most ransomware attacks are usually criminal rather than political in nature. Here are a few tips on how to protect ourselves from ransomware attacks:
- Regular Data Backups
In order to protect organizations from the harsh effects of ransomwares, frequent offsite back-ups should be the very first step to be taken. However, caution should be taken with automating the backup process because the maliciously encrypted files may be backed up as well, infecting the rest of the clean backed up files. To make the back-ups ransomware proof, you should use a drive that isn’t mounted to a particular workstation, especially if the workstations in the company are connected to the internet. This can be achieved by streaming the data over the network to another workstation or storage device using a back-up application. Security controls should also be put in place to prevent network users from accessing back-ups. The off-site backups could also be encrypted to prevent unauthorized access.
- Refrain from Opening Suspicious Emails
Email attachments are the prime source of infections, making an email scanner an important investment for any company. Another practical tip would be to avoid opening suspicious emails even when they appear to be from legitimate companies. It is important to note that the malicious content comes in different forms other than the most common email attachment. They could come as a link to fill a form, a phone number or even the least suspicious, a button to unsubscribe.
- Adjust Microsoft Office Settings
Another way to secure yourself from Ransomware is to adjust users’ Microsoft office default setting to disable macros. That way you prevent ransomware from exploiting Microsoft Office documents which are the preferred delivery vehicles for ransomware authors.
- Be careful-Antiviruses can be Ineffective
It is important to make safety precautions. The mistake many people make is to think that an antivirus will catch everything. Cyber criminals leverage this false assumption. While antiviruses usually scan programs to look for anything malicious, hackers find ways of disguising a ransomware so that it looks legitimate by hiding it in another program.
- Install AdBlock
Another way ransomwares disguise themselves is through malvertising. This is where a ransomware is hidden in plain sight within an online advertisement. The cyber criminals that create this type of ransomware usually take advantage of the flaws in advertising software such as Adobe Flash and Microsoft Silverlight. Malvertising mostly occurs in poorly designed sites, thus it is important to install AdBlock to prevent malvertising and to avoid intrusive marketing as well. Also, be wary of heavily animated advertisements that offer things that seem too good to be true.
It is important to take note that this is the information age and data is very valuable. Truly own your data and, as the former Yahoo CEO Marissa Mayer would put it, “What is clear is that users own their data and should have control of how their data is used.”
[Image source: freepik.com]
[Article by Wendi Ndaki]