The WannaCry ransomware attack has already affected 200,000 computers in over 150 countries. Early versions of the malware have been stopped from spreading, but variants are emerging, so continued vigilance and prudent security remain highly important.
Plenty of information about this malware is available online and in the news, but much of it is in long and overly technical format. Below is a bullet list quickly describing who is at risk and what steps should be taken for protection.
- WannaCry is malicious computer code that encrypts (locks) the files on your computer and demands a payment to decrypt (unlock) them.
- This “ransomware” affects computers running older versions of Microsoft Windows, including Windows XP, Vista, Windows 7, Windows 8 and Windows 8.1.
- Windows 10 is not affected, although one researcher has claimed early versions might be vulnerable.
- Windows Vista, Windows 7 and Windows 8.1 users are already protected if they have auto-update enabled or have manually applied the March 2017 update released by Microsoft.
- Windows XP, Windows Server 2003 and Windows 8 users can apply protection by downloading a one-time patch (fix) issued by Microsoft in the last few days.
- All Windows users who do not have auto-updates active or have not installed the latest updates or patch from Microsoft should do so immediately.
- Most anti-virus and anti-malware products have been updated to include protection against WannaCry and currently known variants, so if you use one of these products make sure it is up to date.
- Even with anti-virus software installed, there will almost certainly be new variants of this malware released which may not be immediately detectable. So, it is essential to ensure you have also installed the latest Windows operating system updates from Microsoft.
How to Avoid Current and Future Threats
- Keep your version of Windows updated with the latest upgrades and security patches issued by Microsoft. The easiest way to do this is to turn auto-updates on. Check the additional resources below for instructions from Microsoft on how to enable auto-updates.
- Use good antivirus/ anti-malware software and ensure you keep it updated. If there’s an auto-update option, use it. Professional anti-virus products usually provide a firewall or real time scanner that acts as a barrier between your computer and the Internet, checking every file that enters and leaves your computer to ensure it is safe. If you can’t afford professional anti-virus software there are free options available but these often lack some of the tools you need for complete protection. At the very least ensure you use Windows Defender which is free. Check the additional resources below for a list of anti-virus vendors.
- Do not click on untrusted links in your email messages. Even if you know the person sending the message there’s no guarantee the message was sent with their knowledge, their own computer might be infected.
- Do not download and open untrusted email attachments. Once again, even if you know the person who is sending the message, if the attachment looks in any way suspicious don’t open it. Send an email back to the original sender asking them to confirm they sent the attachment.
- Do not visit untrustworthy sites on the Internet, for example pirate video streaming sites and pirate software download sites. Use software and apps downloaded directly from the official vendor.
- Backup all your files and data regularly to an off-site location such as the cloud. Storage is cheap these days and most operating systems, including Windows, provide easy to use tools to copy your files. Should you ever fall victim to ransomware, or any other malicious software that disrupts or destroys your data, a backup means you have the ultimate option of wiping your computer and restoring the original, uninfected files.
- Ensure you use strong passwords for all your computer and Internt accounts. Weak passwords that are easy to guess or break can lead to the compromise of your accounts which in turn can be used to spread malware to other users.
It may be slightly more inconvenient to observe these security practises, but the extra time and effort you will spend is insignificant compared to losing all your data to a ransomware attack.
Make security a habit.
Watch Ransomware – Video Series