It's Important to Protect Yourself from Ransomware Attacks. Here's How!


It's Important to Protect Yourself from Ransomware Attacks. Here's How!

According to data from Kapersky Labs, nearly 98 percent of computers affected by the ransomware ran a version of Windows 7. So it makes sense to assign some responsibility to the NSA - the attackers didn't come up with this security hole on their own, after all. Brad Smith, Microsoft's top lawyer, criticized US intelligence agencies for "stockpiling" software code that can be used by hackers.

According to various reports, this attack avenue has been developed by the National Security Agency (NSA) in the United States as a cyber-weapon and it was leaked to the public earlier in April along with other classified data allegedly stolen from the agency.

But it's not just large companies or systems like the NHS that are vulnerable to WannaCry. "Following this, Microsoft had sent patches in its update in March itself to counter this particular form of threats", Udhav told TNM.

Spanish firm Telefonica, French automaker Renault, the US -based delivery service FedEx and the German railway Deutsche Bahn were among those affected.

"It's hard to imagine what more Microsoft could have done", said King.

NSA does not discuss its capabilities, and some computer experts say the MS17-010 exploit was developed by unknown parties using the name Equation Group (which may also be linked to NSA). And, while the company did issue early fixes for its newer operating systems, patches for older Windows systems were only issued free of charge over the weekend, after the attacks began.

In what it said was a "highly unusual" step, Microsoft also agreed to provide the patch for older versions of Windows, including Windows XP and Windows Server 2003.

"People always try to take the easiest way", Upadhyaya said, adding that it can "take some effort" to apply a patch - the piece of software created to fix a problem.

"Technology companies owe their customers a reliable process for patching security vulnerabilities", he said.

But researchers at security firm Proofpoint said that a related attack that exploits the same vulnerability that powered WannaCry has turned more than 200,000 computers into digital currency miners. He added it was a helpful thing that the company had set up a patch capable of stopping the attack.

This includes whitelisting certain websites and software so only approved programs can run on a computer, or disabling administrative privileges on a company's machines so that only the IT department can download programs.

Make sure you regularly back up your data.

"It's not rocket science", Litan said.

Liran Eshel, chief executive of cloud storage provider CTERA Networks, said: "The attack shows how sophisticated ransomware has become, forcing even unaffected organisations to rethink strategies". Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling".

Once the computer's data has been encrypted, or locked down, a message would appear saying that the users' files are no longer accessible.

It also expressed fear that figure of affected computers and countries is likely to grow with time especially "as people use their computers if their IT has not been updated and their security systems patched over the weekend".

Although Microsoft has issued a patch to address the vulnerability and reports indicate that the spread of this version of Wannacry has been stemmed for the time being, this certainly won't be the last ransomware attack we see.

Homeland security says that despite the range of the hack, only about $70 000 worth of bitcoin was paid to hackers.