Europol, the intelligence agency of the European Union, called it a “cyberattack of an unprecedented level.”
Starting early Friday, May 12, a massive ransomware infection called WannaCry quickly spread to hundreds of thousands of computers in over 150 countries.
It crippled entire hospitals, car manufacturers, telecom companies, and even affected U.S.-based FedEx, demanding a $300 ransom to be paid in Bitcoin for the data files it held hostage.
Failure To Do This Leaves The Door Wide Open
Why did this ransomware inflict so much damage when it could have been easily prevented?
First, companies and individuals failed to keep their computers updated with the latest security patches.
Microsoft discovered the vulnerability exploited by WannaCry and issued a patch back in March. Computers with the update installed were not affected.
Yet, an enormous number of PCs obviously weren’t updated, providing an open door for the cyberattack.
In my experience, most small business and home users neglect to regularly install the ever-important Windows Updates. They either don’t know how or never think about installing them.
Worse yet, many refuse to allow a knowledgeable IT provider to take care of these tasks for them at a minimal cost.
The Antivirus Myth
Second, most of the affected PCs used ineffective or no antivirus protection.
The first question I always get asked after a client’s machine becomes infected is, “Well, I have [insert name of a popular antivirus program, usually a free one]. Shouldn’t it have prevented this?”
Truth is most antivirus programs sold today use ancient, 25-year-old technology. They simply don’t protect against how today’s threats attack and infect computers.
In the previous column two weeks ago, my Director of Service Operations, Christian Hinojosa, warned about the inadequacies of free antivirus programs – like AVG, Avast, and Avira. These are some of the worst protection when it comes to ransomware like WannaCry.
But even many of the paid antivirus programs fail to block deadly viruses and malware.
Only a slim handful of paid antivirus software effectively blocks many of the behavior-based, zero-day threats regularly attacking your computer. And they’re not ones you find on the shelf at Walmart or Best Buy.
The Worst Is Yet To Come
While WannaCry’s reach rapidly extended throughout the entire civilized world, it only lasted a few days before it was stopped in its tracks.
The purchase of a simple $11 domain name by an observant security expert broke the criminals’ code.
Those thieves know exactly what they did wrong. You can bet they’re already working on a version 2.0 that won’t be stopped as easily.
At Home or At Work – You’re At Risk
Are you a home user who only checks email and browses Facebook?
Are you a small business owner with one or more computers critical to running your daily operations?
Do you work in an office, warehouse, or other organization with computers?
If you answered yes to any of those questions, you have computers at risk for the next big attack.
It would be wise to make sure you’re well-protected before disaster strikes. Keep in mind these six tips:
1. Regularly update all your computers with the latest patches.
2. Install antivirus software designed for today’s threats.
3. Implement edge protection to build a wall around your home or business network that will keep unwanted hackers out.
4. Provide on-going training to family members and/or employees that helps them identify phishing email, scams, fake websites, and other malicious attempts to infect your PC or steal personal information.
5. Maintain regular, automated, OFF-SITE backups of all important documents and data on your computer.
6. Consult with a knowledgeable IT professional to provide these five solutions for you. If they can’t, find an expert who is educated and able to offer complete security. It really is cheaper than the alternative.