Latest ransomware attack 'WannaCry' a reminder to take cybersecurity seriously

Latest ransomware attack 'WannaCry' a reminder to take cybersecurity seriously

You may have heard reports recently about a large scale, ongoing, ransomware attack known as WannaCry (or WannaCrypt). It has affected over 230,000 in 150 countries, and has affected large companies like Telefónica in Spain and the National Health Service in the UK. It is a timely reminder of the importance of cybersecurity and staying vigilant in your security efforts.

What is WannaCry?

WannaCry is ransomware — as the name suggests, it holds your data for ransom until the attackers receive payment (though there is no guarantee they will give your data back regardless).

The Windows vulnerability that allowed WannaCry to infect computers was discovered by the NSA, who used it to gather intelligence. Hackers released details of the security vulnerability and WannaCry was born.

How the attack starting infecting computers isn't entirely clear, it may have been a phishing attack (here's 10 tips to avoid phishing scams). Once installed, WannaCry encrypts the data on the computer and displays a message demanding a ransom payment of around $300-$600 in the online currency bitcoin in order for the user to regain access to their data. After seven days, if no payment has been received the computer's data is deleted.

Who is at risk?

Particularly at risk are those using older operating systems such as Windows 8, Windows XP, or Windows Server 2003, or anyone who hasn't installed security updates recently. Microsoft released a critical update back in March that would have secured the PC against an attack like WannaCry, but many users and organizations put off installing updates and hadn't yet implemented it.

Keep your data safe

Running Windows updates can be annoying, but the inconvenience is temporary and it could save you from a world of hurt later on.

If you a running an older version of Windows, such as Windows XP, you should consider upgrading to Windows 10. This may mean a new PC and added expense, but the long-term cost of doing nothing could potentially cost you dearly.

You should also ensure that you're backing up your data daily, ideally in multiple places. This doesn't just protect you from ransomware but also from hard drive failure. Store backups off-site for protection against fire and theft.

In summary

Whilst WannaCry has affected large organizations, that doesn't mean small businesses are immune. You may have heard that the attack was stopped last week by some quick thinking on the part of an independent security analyst, but there are new versions of the script infecting computers which get around his safeguard. Microsoft's statement on WannaCry and links to security updates are available here.