A widespread ransomware virus hit dozens of countries and thousands of systems in what has been an unprecedented attack. The image below shows just a handful of the reported 200,000 systems that are believed to be infected. Some of the largest organizations hit were hospitals in the UK, which were forced to cancel non-urgent outpatient surgeries because of this event. The virus has been dubbed “WannaCry” (which seems to be a rather appropriate name for those infected). So how exactly did this happen, who is responsible, and how can you protect yourself from attacks such as this one?

What is Ransomware?

Ransomware is exactly what it sounds like: a virus that infects your computer, encrypts your files, and asks for payment to restore your files; effectively holding your information for ransom. This particular virus held information captive for roughly $300, if those infected didn’t pay up in 3 days, then the price doubled. If they still did not receive payment after 7 days, then the encrypted files were permanently deleted.

How did this get so bad?

Looks like we need to send a big “thank you” card over to the National Security Agency (NSA) for this lovely sequence of events. It turns out that the NSA was aware of and had access to the vulnerability that was exploited in this attack. So why didn’t the NSA alert Microsoft about this vulnerability as soon as it was discovered so Microsoft could release a patch? Isn’t it obvious? The NSA was using this exploit to collect data for their own reasons and didn’t alert Microsoft about the problem until after they lost control of it. Microsoft did release a patch for the vulnerability about a month prior to this attack, but those who did not install the security update are the ones who were infected by the ransomware.

How can I protect myself?

We’ve all been there, you are working on an important time-sensitive project, in your groove, finally being productive, and a Microsoft update pops up and wants to install the next time you restart your computer. So instead of wasting your time on that, you just put your computer to sleep so the update doesn’t waste your time when you have to get back to work. Or maybe you just never update your computer at all, because why fix something that isn’t broken?

Microsoft and other software companies send out updates for a reason. They may not be convenient, but everyone that had updated their computer with the appropriate patch before the attack was safe. So do yourself and your data a favor, and update your computer when you receive an update: don’t wait! By no means am I saying that every update is perfect, but you are generally much better off accepting updates as they come, instead of ignoring them for an indefinite amount of time.

Backing up your data is also incredibly important in situations like this, and it can be done extremely easily and often times even for free. Check out Google Drive, Apple’s iCloud, or Microsoft’s OneDrive, all of which have free options and work quite well. It’s a simple yet powerful tool that helps protect your data, even if you are the victim of a ransomware attack such as WannaCry.

Take your online security seriously, because you never know when you could be the target of an attack.

Sources: CNN, NPR, BGR

Pin It on Pinterest

Share This