I’m sure by now everyone has heard about the ransomware known as WannaCry that hit yesterday. It is estimated that it hit at least 57,000 people. What I’m unclear about is whether or not that’s the number of people that paid the ransom. Or just the number of computers/people it attacked. Either way, that’s an incredible number. Especially when you consider how much money was being asked for by the attackers. But maybe I’m getting ahead of myself here. Let me first start by explaining what ransomware is. Essentially, it is software that can take over or block certain aspects of your computer system. That is, until you pay the ransom. Ransomware seems to be gaining popularity lately.
And why is that, you ask? A hacker can take over the files on your computer, and not release them back to you until you pay their ransom. And the ransom seems to be relatively low in price. In yesterday’s case, it was only $300 to start. What is interesting is that if you don’t pay the $300 within a set amount of time, the ransom will double. Continuing until you give in. Also making it an urgent request. Pay now or else. I’m sure in many cases, people feel like they don’t have any other option. So they pay the ransom, to get their files back. In some cases, however, that doesn’t happen. You’re then left without the money that you started with, and without your files.
So how can you get hit with ransomware? Well, yesterday, the attack targeted computers that hadn’t updated a specific Microsoft security patch. So if you were running version 1 of this patch, you were at risk of getting attacked. But if you had updated and were running version 2, you were OK. What’s also interesting is that Microsoft released this version 2 patch back in March. Almost two months ago. So if you’re two months behind in updating Windows, you might have been a victim of yesterday’s attacks. What is the moral of this story? Well… I would suggest that you back up your files somewhere. And I would suggest that you stay on top of your updates. Especially the security updates.
But that doesn’t mean it’s not going to happen. All that is really going to do is save you from having to shell out the cash to get your files back. WannaCry was able to get to machines behind firewalls. Why? Well, usually that happens when someone opens/downloads a file that they’re not supposed to. It takes one person. And then bam. Everyone is infected. I know of corporations that have run into this problem. In those cases, they didn’t give in to the ransom, but rather just used files from the previous day. Maybe you lost one day’s worth of work, but not months’ worth. Which is why it pays to back up regularly. (This is a mental note for myself as I tend to not back up nearly as often as I should.)
What’s scary about this, in my opinion, is not that you lose your personal vacation photos. Or the latest version of your resume. But the fact that this can attack, and likely has attacked, organizations like hospitals. Can you imagine what kind of chaos would ensue if something like this were to happen? And those systems, even with great IT departments, are just as susceptible as your average Joe. And for what purpose? I mean, in some cases you’re literally putting the safety of others at stake, merely so you can make some money? Shame on you. And maybe that’s what the world has become. Which might be scarier than the ransomware itself.
If you don’t want this to happen to you, find out how you can protect yourself. I am by no means an expert in this field. The software is smart enough to get around firewalls in some cases, so just make sure that you back up the data that you can’t bear to lose. And do it regularly. Also, keep updating Windows, even if it is a pain. And even if you’re doing it once or more a week. Just make sure that you’re staying on top of it.