Protect your computer from the latest hacker threat: WannaCry ransomware
Your computer is your life nowadays, especially if you run your own business and website. Hackers are always dreaming up new ways to attack your computer, and one of the latest methods is ransomware.
What is Ransomware?
Ransomware is malicious software (malware) that basically does what it says on the tin: it holds your computer for ransom. Once the malware gets in, it encrypts your data and demands something from you – usually money – for the key so you can access your computer again.
The latest malware menace
On the 12th of May 2017, the newest form of this software, called ‘WannaCry’ or ‘WanaCrypt’ (among other names), was released, creating massive problems in computer networks all over the world. It affected many organizations, including FedEx and the British National Health Service.
WannaCry is different from older ransomware in that, instead of being confined to one computer, it can spread to all computers in a network. It takes advantage of a vulnerability in the Windows networking code and can infect the entire system in a matter of hours. Windows released a patch for this issue earlier in March, but many users hadn’t installed it, making them susceptible to the ransomware.
To keep your computer safe, do this right now!
It is vitally important that you install the patch right away. If you’re running Windows 10 your computer has done it automatically. If you’re using Windows 8 or an earlier operating system, such as XP or Vista, you should go the Microsoft Update website and install your security updates as soon as you can.
How to protect yourself from Ransomware
There are many things you can do to protect your computer from attacks. Some of them might seem like inconveniences that take too much time and trouble – until you’re infected – and then, well, you will want to cry.
Always install the latest security updates
Everyone was annoyed when Windows 10 came out and forced you to update automatically, but there’s a reason for that. If you’re using an earlier operating system (and many businesses do), talk to your computer security consultant to make sure you’re doing everything possible to protect your network. It’s also important to make sure your browser and important software are up to date.
Keep up with your backups
Given the reasonably-priced hard drives available nowadays, with capacities of one terabyte (1,024 gigabytes) and up, it isn’t that expensive to back up your system regularly. You can also use online and cloud-based backups. Once a week is a good baseline, but depending on your computer use you might need to do it more often.
Use a good anti-virus and anti-malware program
Not all anti-virus programs also address malware, so check out the fine print. You can also install a security program, such as Malwarebytes, that is specifically designed to protect you against such threats.
You might also like to look at the Australian Government Department of Defence’s cyber-security webpage, which has many helpful tips you might find useful.
How your computer gets infected
Malware usually gets into your computer because you clicked on something that let it in. There are two usual avenues of infection: through email or over the internet.
Examine your emails carefully and only click on links and attachments that come from known, trusted senders. Even then, look closely before clicking. Your friend’s and colleague’s accounts can get hacked, sending out fraudulent emails to all their contacts.
So-called ‘phishing’ scams pretend to be trustworthy websites or emails, except that when you click on them you don’t get a million-dollar lottery win, you get malware. Some indications of scam emails, which like to claim they’re from trusted, well-known companies such as Facebook or your bank, are:
- Bad spelling and grammar – big companies employ professionals
- Asks for your information – they should already know
- Doesn’t come from/reply to an official email address
- – email@example.com instead of firstname.lastname@example.org
- Gives you links to click in the email
- Makes threats, such as account closure, to scare you into clicking
- Seems too good to be true
Never give out your information via email or when someone calls you. You can make your own call to your bank (for instance) if you’re concerned. If you’re suspicious of a link you can mouse over (but not click) on it to see if it leads to the website it claims to.
See if you can spot the signs of a scammer in this fun quiz from AVG.
Infectious websites and pop-ups
Scammers will set up look-alikes of legitimate websites in an attempt to get your login information and other data. The login screen of any website, whether it’s your bank or your pizza delivery account, should have a green lock logo on the left side of the address bar, along with the word ‘Secure’. The URL should start with ‘https://’.
Nowhere on the internet is completely safe
Sometimes even real websites can get hacked and infected. An up-to-date browser should be able to spot them and warn you in time (this is one of the reasons it’s important to get the latest versions as they come out).
You might think that if you avoid ‘disreputable’ sections of the internet you’ll be safe, but an infected website can look like anything (though again, bad grammar and spelling are suspicious).
One popular trick is to offer free stuff: software, iPads, twinkly fairy-wand cursors, vacations – it doesn’t really matter. It’s all a trick to get you to click and give away your information.
The same adage holds true here, as in the rest of life – if it looks too good to be true, it probably is.
What to do if you get infected
You might have to face the possibility that your data is gone for good. If you have a recent backup this isn’t as terrible as it might be, but it’s still disruptive. Whatever else you do, I don’t recommend you pay the ransom. There’s no guarantee you’ll get your data back, and every contact you have with the hackers just gives them more chances to infect you.
Here are the steps to follow if you are infected with WannaCry (or any ransomware):
- Get off the internet – unplug your Wi-Fi router and/or Ethernet cables
- – Hackers can send instructions to their malware over the internet
- While offline, thoroughly wipe your system and re-install Windows completely
- Restore from your backup while still offline
If you’ve been using cloud storage to back up your data, un-sync your device as soon as you find out you’ve been infected. Then you can use an uninfected computer to login to the service and rollback to clean versions of your files.
As time goes on a decryption tool will become available, but it might take days or even weeks. Do you want to wait that long?
If you’ve followed my advice in this article, you should be able to weather a malware attack with no more than minor inconvenience.
If you have any questions, our consulting service is always available to discuss your computer security concerns.
Need some help, or would like a short-term mentor in your business?
Get a FREE Copy of my No. 1 seller “Internet Marketing Made Easy,” or book a FREE 20-minute session with me