You may have heard some news over the weekend about a global-scale ransomware attack that has been affecting countries in Europe and Asia. These attacks have been disrupting operations in the manufacturing, healthcare, telecommunications, and shipping industries, among others. This malicious software, called “WannaCry” spread through an exploit in the Windows Operating System, and not through clicking a suspicious link or opening an e-mail attachment, which is the most common way this type of infection is spread.
What Is “Ransomware”?
Ransomware is a type of malicious software that encrypts the data on an infected device, effectively “locking” it from being accessed unless the proper information is given to decrypt it. This action is accompanied by a message to the device user telling them that in order to regain their information, they must pay a “ransom” of anywhere between a few hundred and a few thousand dollars, and once this is done, their information will be decrypted and available to them again. There is also usually a clause in the software that warns that the user’s information will be deleted after so many hours or days of not paying the ransom.
Am I Vulnerable?
This particular malware affects only those running the Windows Operating System, so if your company machines use Linux or Mac, you aren’t in danger. Also, if you regularly update the machines on your network you’re going to be safe from this as well. Microsoft patched this vulnerability in an update released two months ago. The only exception to this is for machines running the Windows XP Operating System, which is no longer being supported by automatic updates. You can download a security patch for Windows XP here. However, this will only protect the machine if it hasn’t already been compromised.
How Can I Protect Myself In The Future?
The damage that this attack has done only emphasizes how important it is to stay up to date with Windows patches and updates. Additionally it highlights how crucial it is to backup your systems and information regularly. If you are the victim of a ransomware attack, the only reliable way to get your information back is to restore the systems from a backup done at a date prior to the infection. It is extremely important to note that if you are the victim of such an attack that you do NOT pay the asked for “ransom” amount. There is no guarantee that you will have your information returned upon doing so, and paying off the attackers will only prove to reinforce that this is a profitable method of attack and will only increase their efforts.
For more information, or to set up a meeting or risk assessment with our cyber security team, please contact Paul LaPorte at the AIM Office. The number is 315-624-9800