Businesses are still dealing with the fallout from a cyberattack that hit 200,000 victims in 150 countries, with many organizations and individuals wondering if they are at risk.
Ransomware – a malicious piece of software that locks files on a computer and demands payments to unlock them – is the name of the type of virus that infected the machines. Ransomware attacks have been on the rise and this particular malware known as WannaCry was called “unprecedented” by Europol.
WannaCry affected an exploit in the Windows XP operating system on PCs, and Microsoft shortly sent out a fix for the security flaw. But authorities such as the U.K.’s National Cyber Security Center (NCSC), warned over the weekend that as the working week begins, further cases of ransomware could come to light.
Am I at risk?
The WannaCry ransomware affects machines running the Windows operating system. It was a security flaw that was originally exploited by the U.S. National Security Agency (NSA) which was then leaked earlier this year. Hackers are now using this themselves.
If you or your organization is running a version of Windows, you could be at risk.
What should I do to protect myself?
Authorities in the U.S. and U.K. have issued guidance on what to do.
Individuals and small businesses should:
- Run Windows Update to get the latest software updates
- Make sure any anti-virus product is up-to-date and scan your computer for any malicious programs. It’s also worth setting up regular auto-scans
- Back up important data on your computer in case it gets held for ransom
Large organizations should:
- Apply the latest Microsoft security patches for this particular flaw
- Backup key data
- Ensure all outgoing and incoming emails are scanned for malicious attachments
- Ensure anti-virus is up-to-date and conducting regular scans
- Educate employees on identifying scams, malicious links, and emails that may contain viruses
- Make sure to run “penetration tests” against your network’s security, no less than once a year, according to the Department of Homeland Security
What if I’ve already been attacked?
- Do not pay the ransom demanded by the WannaCry ransomware, cybersecurity firm Check Point warned in a blog post on Sunday. The company said there is no evidence of the hackers giving people files back
- For individuals, it might be worth contacting local IT support services
- Businesses should contact law enforcement and provide as much information as possible
- Restore back-ups of data
How can I prevent ransomware attacks?
There are also steps that can be taken to protect against ransomware more generally. These include:
- Making sure anti-virus is up-to-date and updating all software
- Back up copies of data
- Scrutinize links and files contained in emails
- Only download software from trusted sources