Recent ransomware attacks opened a huge discussion about how secure our systems are and the steps we can take to best secure our data. Companies and institutions around the world had their data compromised by the malicious tool “WannaCrypt Ransomware.” This mode of cyber threat is a malicious software that holds computer files encrypted and asks for a ransom to get them free. They do this by targeting vulnerable machines or users, encrypting their data using Full Disk Encryption (FDE), and preventing the owner of the data from being able to use or access it until the named price has been paid.
How Does Ransomware Spread?
Most ransomware is hidden within seemingly innocent-looking documents, files, and photos. If you download a file or even open an email from an untrusted source, you may expose your computer to malware from anyone. It can also spread through viruses or backdoors from within a system that can offer a way for hackers to gain access.
A popular way to install ransomware is to leave a USB stick/flash drive lying around an office building. Hackers will leave a file on the USB stick that will install an executable file automatically. From there, the virus can encrypt your files and the hacker can demand payment.
Breakdown of WannaCrypt Infection
Vulnerabilities will occur when your Windows system is over two months behind on update cycles. WannaCrypt took advantage of a vulnerability that was made known by an NSA leak. While Microsoft patched this two months before the attack, many people neglect to update their systems frequently, leaving them vulnerable to these kinds of attacks. Make sure your Windows devices have auto update enabled, this way you will not miss an update and you will be less susceptible to an attack. You should also stay on top of system updates and patches for your smartphones as well.
"Most ransomware is hidden within seemingly innocent-looking documents, files, and photos. If you download a file or even open an email from an untrusted source, you may expose your computer to malware from anyone."
Which Systems Were Compromised?
Windows users who have outdated patches/updates are susceptible to WannaCrypt, from Windows XP and up to Windows 10. Apple devices and Android devices were not affected, but that isn’t to say there will never be a ransomware attack for those devices somewhere down the line. Android users are the most at risk, because most system patches/updates are few and far between. If you have an Android, be sure to get a top of the line device, such as the Google Pixel line or Samsung s8 line because those devices are more likely to stay up to date with patches.
Who Got Hurt?
Around 200,000 computers and nearly 40,000 businesses were exploited by WannaCrypt. Some of these victims are actually paying hackers to get access to their data back. The ransoms that have been paid are around $72,000 so far and still climbing.
Lessons Learned—How to Protect Your Data
Synectics for Management Decisions, Inc. © 2016