The massive ransomware attack that began in Europe on Friday has locked down thousands of computers in more than 150 countries, leveraging access to data — in hospitals, businesses and public utilities — for payment. The attack itself, experts said, was not a sophisticated assault…
The massive ransomware attack that began in Europe on Friday has locked down thousands of computers in more than 150 countries, leveraging access to data — in hospitals, businesses and public utilities — for payment.
The attack itself, experts said, was not a sophisticated assault, but rather a simple cybercrime that preys on vulnerabilities left open by individuals or institutions that did not install software fixes to known security holes or that were using outdated software, like Windows XP, for which Microsoft no longer provides technical support.
What makes the attack unique, cybersecurity providers said, was its scale.
The virus used in this attack infected as many computers as it did because it was made to spread across an entire network — in a hospital, for instance. All it took was one person clicking on a bad link or opening an attachment containing the virus.
Most ransomware attacks, like the one that struck Muni Metro late last year, strike individuals or organizations one at a time, said Carl Wright, general manager and vice president of worldwide sales at security firm TrapX.
Malware, or malicious software that hackers use to take control of or lock up people’s data, can be transmitted when people click on a link from an unknown source. Links containing malware can be sent via email — a tactic known as phishing — or buried in online advertisements that get delivered through websites consumers are more inclined to trust like the New York Times.
That means the onus tends to fall disproportionately on individual people and companies to keep their data safe — or else pay a ransom once a hacker has gained control.
Here are some tips to better protect yourself:
Verify all email
A common tactic used to infect computers with malware is also a simple one: emailing people a link or attachment that appears to come from a trusted source.
The easiest way to defend against this method of attack is to check with the person the email appears to be coming from — be it your bank, your boss or your parents — to make sure it’s really them. Call them or send a new email to a confirmed address to contact them; don’ t just hit reply or call a number listed in the email.
Back up data regularly
Maintaining an up-to-date back-up copy of your data — in the cloud or on an external hard drive — means anyone who locks you out of your data is out of luck. You won’ t need to pay a ransom, because you have an another copy of everything a cybercriminal may be threatening to destroy.
This is how Muni Metro dodged the $73,000 ransom hackers asked for during an attack on the system in November.
Experts recommend daily backups to ensure that in the event of such an attack, you would lose as little as possible. But if you’ re using an external hard drive, or another local storage device, be sure to unplug the device once backups are completed. If left plugged in, an attacker could infect both the main computer and your backup device.
Ssecurity updates
Operating systems are routinely updated with security patches to keep viruses out and close known holes in the system. Set your system to automatically update, if possible, Wright said, or make it a regular habit to check for updates.
With Internet-connected devices in your home like smart refrigerators or children’s toys, installing updates may be difficult or impossible. Nir Gaist, CEO of security firm Nyotron, recommends asking manufacturers and retailers about security before purchasing any so-called Internet of Things device to make sure the system can be patched to better fend off cyberattacks.
To pay or not to pay
Cybercriminals using ransomware to extort individuals and businesses collected more than $24 million last year from victims in the United States who reported such attacks, according to the FBI.
Continuing to pay these criminals off contributes to a cycle that makes such attacks profitable, and thereby encourages more attacks, law enforcement agencies often argue.
But not paying may result in the permanent loss of irreplaceable data.
“Everyone who advises you not to pay, they have a point because if everyone stopped paying the business model would not work and maybe it would finally stop this phenomenon, ” said Gaist said. “But it’s like vegetarian people — they can stop eating meat, but they’ re not going to prevent animals from being killed because so many other people are still eating meat. If you really care about your data, you should just pay the ransom if it’s reasonable.”
