On Friday the 12th of May, the biggest ransomware attack the internet has ever seen wreaked havoc in Europe. The attack was first reported in the UK where the National Health Service was literally crippled as health facilities were hit by the massive cyber attack. The attack quickly spread to other organizations and withing hours had spread throughout most of Europe. The ransomware, named WannaCry has since spread to over 150 countries since the fateful Friday the 12th. The thread is hardly over and the entire internet is asking questions. How did this happen? Who is to blame? Am I safe? Some are even asking, ‘What on earth is ransomware?!’
What nonsense is ransomware?
This is by far the most important question. What is ransomware?
Ransomware is a malicious software program that will take over your computer and render it unusable until you pay ‘ransom.’ There are a whole lot of types of ransomware but all of them are similar in that they will make your PC unusable until you meet a particular demand. These malicious software programs can target anything from a home PC to a server used by a large corporate or government organization. Ransomware will do any or all the following;
- Prevent you from accessing your Operation System
- Encrypt files so you can’t use them.
- Stop certain programs/apps from running
Once any of the above takes place, the ransomware will ask you to pay money so that your PC may return to normal.
WannaCry Decryptor, the latest ransomware making the waves is a deadly malicious software that is encrypting files and asking for a $300 ransom. The money double after 48 hours should the user fail to pay.
Should you pay the ransom?
DO NOT PAY THE RANSOM! Ransomware is created by cyber criminals, and yes, cyber criminals are criminals. You cannot expect a criminal to act in good faith. There is absolutely no guarantee that you will recover once you pay the ransom. In fact, paying the ransom might actually cause even more problems at times.
The WannaCry ransomware is asking for a $300 payment which is payable only in bitcoin. The bitcoin part makes it less easy for the authors of the ransomware to be tracked down.
Can I recover my files?
Unfortunately, most ransomware programs are immaculately built and it is usually close to impossible to recover files once they are encrypted. This is mostly because the cyber criminals are the ones with the decryption key and will not give it to you, even if you pay the ransom money.
How to protect yourself against Ransomware attacks like WannaCry
This is the most important thing, protecting you or your organization against dangerous ransomware attacks like WannaCry. Here are a few powerful tips to help you stay safe against potentially devastating ransomware attacks;
For home users or personal PCs
- Update your OS, always
- Use authentic software programs, including the OS
- Use a reliable antivirus
- Always backup your data
- Avoid visiting unsafe websites (torrent sites, money making scheme sites, porn sites, gossip sites)
- Do not open emails from complete strangers
- Avoid following links from people you do not know or trust
For organizations and corporations
Ransomware is usually targeted at this group for a number of reasons including the ease of spread in computer networks and the likelihood of the victims paying the ransom being demanded.
The best solution for organizations is to ensure that all sensitive and confidential information is remotely backed up. There are various Cloud Computing programs that an organization could use to effect backups and avert cyber attacks like the one enacted by the WannaCry Decryptor.
What caused such a massive cyber attack in the first place?
There are quite a handful of culprits to blame for the largest ransomware attack ever. Among them, the United States National Security Agency from which data used to create WannaCry was supposedly stolen. Microsoft is also to blame as the cyber attack exploited a vulnerability in their Windows networking protocol. Even though Microsoft did release a security patch for the vulnerability, it did not quite reach all users hence the massive attack affecting tens of thousands. Lastly, the victims of the attacks are also to blame for not practicing safely on the internet, not updating their software and not seeking necessary knowledge.