How to tell if you're at risk from the WannaCry ransomware and what to do if you have been attacked
Ransomware attacks like WannaCry can be avoided by keeping software and anti-virus programs up to date, authorities said, Cybersecurity firms warned people not to pay the bitcoin ransom.
Businesses are still dealing with the fallout from a cyberattack that hit 200,000 victims in 150 countries, with many organizations and individuals wondering if they are at risk. Ransomware – a malicious piece of software that locks files on a computer and demands payments to unlock them – is the name of the type of virus that infected the machines. Ransomware attacks have been on the rise and this particular malware known as WannaCry was called "unprecedented" by Europol. WannaCry affected an exploit in the Windows XP operating system on PCs, and Microsoft shortly sent out a fix for the security flaw. But authorities such as the U.K.'s National Cyber Security Center (NCSC), warned over the weekend that as the working week begins, further cases of ransomware could come to light.
Am I at risk?
The WannaCry ransomware affects machines running the Windows operating system. It was a security flaw that was originally exploited by the U.S. National Security Agency (NSA) which was then leaked earlier this year. Hackers are now using this themselves. If you or your organization is running a version of Windows, you could be at risk.
What should I do to protect myself?
Authorities in the U.S. and U.K. have issued guidance on what to do. Individuals and small businesses should:
- Run Windows Update to get the latest software updates.
- Make sure any anti-virus product is up to date and scan your computer for any malicious programs. It's also worth setting up regular auto-scans.
- Back up important data on your computer in case it gets held for ransom.
Large organizations should:
- Apply the latest Microsoft security patches for this particular flaw.
- Back up key data.
- Ensure all outgoing and incoming emails are scanned for malicious attachments.
- Ensure anti-virus programs are up to date and conducting regular scans.
- Educate employees on identifying scams, malicious links and emails that may contain viruses.
- Make sure to run "penetration tests" against your network's security, no less than once a year, according to the Department of Homeland Security.
What if I've already been attacked?
- Do not pay the ransom demanded by the WannaCry ransomware, cybersecurity firm Check Point warned in a blog post Sunday. The company said there is no evidence of the hackers giving people files back.
- For individuals, it might be worth contacting local IT support services.
- Businesses should contact law enforcement and provide as much information as possible.
- Restore backups of data.
How can I prevent ransomware attacks?
There are also steps that can be taken to protect against ransomware more generally. These include:
- Making sure anti-virus programs are up to date and updating all software.
- Back up copies of data.
- Scrutinize links and files contained in emails.
- Only download software from trusted sources.
Article source: http://www.cnbc.com/2017/05/15/ransomware-wanncry-virus-what-to-do-to-protect.html Author: Arjun Kharpal/Technology Correspondent