The past few days saw thousands of computers around the world falling victim of a ploy similar to getting kidnapped and winning freedom after a ransom is paid. In this particular case involving a ransomware called WannaCry, an infected computer’s files and documents are locked down and encrypted. Its owner will notice a screen telling him what just happened. Hackers demand $300 for the owner to restore control of the files.
This particular ransomware takes advantage of a vulnerability in Microsoft Windows. While the software giant has released security patches in March after discovering the vulnerability, not every computer is configured to download and install them, partly because for large corporations these updates can impact their legacy software programs. Such security holes have been a perpetual issue for years.
Home users also are at risk. Even as Microsoft requires Windows 10 users to automatically update their computers, those with older hardware chose to disable automatic updates to preserve limited resources.
Such practices and lack of sense of urgency to address cyber risks has led to the massive attack that has affected 150 countries, affecting 200,000 computers of both consumers and organizations that include FedEx, Nissan, and UK’s National Health Service that severly crippled hospital operations across the country.
Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia’s Interior Ministry, Megafon and Telefónica.
Is My Computer Vulnerable?
If your computer does not have the latest downloaded Windows Update, then yes, your system is vulnerable.
Microsoft has taken an extraordinary move of developing and releasing a patch for older operating systems including Windows XP, Windows 8 and Windows Server 2003, and not just Windows Server 2003. So there’s no exception; everyone who has a Windows operating installed on their computer must take part in the update.
It’s understandable, from a ransomware developer’s point of view, that Windows operating system is the target platform; a vast majority of computers around the world utilize Microsoft’s OS means more opportunities to make more money.
How to Tighten Security for My Computer?
Security company Bitdefender advises the following steps:
- Disable your computer’s Server Message Block service.
- Install Microsoft’s patch.
- Back up your data on an offline hard drive.
- Install all Windows updates.
- Use a reputable security software to prevent attacks in the future.