Recently there was a rather major outbreak of the WannaCry ransomware that has and is sweeping the globe. It took down over 20% of Britain’s health care system and since it has hit over 100 countries worldwide.
WannaCry or WannaCrypt takes advantage of a decade-old vulnerability in Windows operating systems going all the way back to Windows XP that even Microsoft didn’t know about. It turns out that the NSA did and as such has used the vulnerability in the past. This all came to light when the site Wikileaks dropped a bombshell of documents showing how the governments are getting in to computers around the world. In this case these vulnerabilities were released by an organization called the Shadow Borker. There is also some data which suggests that North Korea may be behind this attack though that can’t be confirmed.
What I wanted to talk about first was the responsibility of the media in this situation and then we can talk about what you should do to protect yourself.
This more recent leak was not as big as Snowden’s leak some time ago but it was still big. It detailed what the CIA and NSA think of anti-virus protection and in some cases went in depth talking about vulnerabilities in different software and operating systems.
I think it was important to reveal that government agencies were possibly spying on their citizens but I don’t agree with the blatant delivery to the masses of a bunch of possibly tech infrastructure damaging information by the media.
Imagine if a vulnerability was critical enough that someone was able to get in to systems operating the power grid? Heck what if the vulnerability was so critical that it brought down the internet as a whole? That would cause mass chaos. Seriously. Most businesses rely on an internet connection to function and as you know so do most teens. Oh and I do as well.
Yeah it may sound like fear mongering but I am completely serious about this. We have to start taking security more seriously as technology becomes integrated in to our lives. It’s no longer safe to just ignore the small details. Consumers and businesses alike need to take steps to keep their systems and data secure and while the governments need to start making laws that can severely punish those that exploit these security flaws rather than report them.
Software companies should also be held accountable to a certain extent to design a secure piece of software. While I know that it’s hard to detect software vulnerabilities there needs to be serious security testing before any software enters the market.
With that all in mind what can you do to keep your personal data secure? Your personal pictures, documents and so on. The best thing you can do is have multiple backups though the most secure would be to have an offline backup.
An offline backup can be a number of things. It can be as simple as plugging in a USB stick every day to back up your important data manually. It can be an external hard drive to do the same or be set up to do backups at a certain time on a schedule. What is important is that the device that you back up to is only connected to the computer while it’s doing the backup. That way if your system becomes infected after a backup by one of these ransomware attacks your data is safe and you can re-install Windows (or Mac OS, etc.).
The catch to ransomware is that you can pay the money to the party on the other side but you have no guarantee that they will supply the key to unlock you data. If we want to stop these things from happening we have to make them unprofitable for these hackers to do it. That means not paying these ransom fees. It just the same as not paying a ransom fee for a hostage. Because essentially what’s happening here. Your data is being held hostage.
On any operating system, including Windows, Mac OS or Linux the first thing you should do is make sure you have installed the latest security updates on your computer.
Also practising safe web browsing is a great way to protect yourself. This means being careful of where you go on the internet. Don’t trust every link you see. Just because it comes up as a result in a Google search does not mean it’s a safe website.
Don’t open attachments in emails. I cannot stress that enough. No matter who sends them. In fact I would go as far to inform those people that you will no longer be even opening their emails and if they wish to contact you further they will either stop attaching things to their emails or call instead. Yes it sounds a little nasty but if you want to keep yourself safe that may be a step you have to take. It’s one I have taken.
Another thing you can do is use an anti-virus program. Windows comes with an OK anti-virus that works for the most part and doesn’t slow your computer down but you can go a step further and pick up a copy of ESET NOD32 or Kaspersky AntiVirus (these are not advertisers by the way just honest suggestions – the links will take you to Amazon if you would like to purchase; we do get a kickback from this). These both are good options though I personally stay away from any third party anti-virus as I seem to never have an issue with malware.
With all this said, I don’t want to discourage you away completely from using technology. In fact to do so would be irresponsible and almost impossible in this day and age. Technology is an important part of our lives and from this point on will always be. All I want to do is encourage everyone to take security seriously. When we all do this we all win.