3 Lessons Learned from the WannaCry Ransomware Attack
by Commonwealth Financial Network
If you follow the news, youāve likely heard of the WannaCry ransomware attack, one of the most widespread cyber attacks to date. Once infected with this ransomware, all information on the userās computer is encrypted (i.e., locked away) unless a ransom of $300 to $600 is paid to the attackers in Bitcoin.
Security experts estimate that more than 200,000 users have been infected with this malware. And to make matters worse? Thereās no evidence that the attackers have ever held up their end of the deal. Generally speaking, for those who have paid, the encrypted information wasĀ not returned in its normal state. In other words, this global attack just left ransomed information irrecoverable.
Can anything be done to defend against similar attacks in the future? Fortunately, the answer is "yes." Letās review three valuable lessons learned from the WannaCry ransomware attack.
Earlier this year, a notorious hacker group called the ShadowBrokersĀ leaked confidential National Security Agency (NSA) hacking tools and techniques, including a number of critical Microsoft vulnerabilities. Just a few weeks later, WannaCry struck, taking advantage of one of those vulnerabilities.
If we were keeping up with security news and read about the NSA leak, we would have been warned that our Microsoft software was wide open to an attack. But even if we had been able to follow these breadcrumbs, what could we have done? Thatās where lesson #2 comes in.
When news of the NSA leak first broke in April, Microsoft immediately reported that it had released an appropriate security patch. In fact, it had released the patch in Marchāone month before the NSA leak. Sounds as if we shouldāve been all set, right?
If everyone had updated their machines on time, that would have been true. Unfortunately, when weāre at our computers and an update box appears, we sometimes delay installation because we donāt want to be interrupted. But system updates often include critical security patches that protect us from current cyber attacks. Delaying their installation only leaves us vulnerable for a longer period of time.
It turns out that all 200,000 victims of the WannaCry ransomware attack had unpatched systems. Although the attack struck in May, these users hadnāt updated their Windows operating systems (and subsequently rebooted their computers) since before March, so the patch hadnāt taken effect.
Bottom line? The next time youāre prompted for an update, keep in mind that it could be the one thing that could protect you from attacks like WannaCry. If you have to delay installation, donāt delay for too long.
The single most important safeguard against ransomware is backups. If you back up all your informationāand your machine becomes infected with ransomwareāyou already have a duplicate of everything the attackers are holding for ransom. No need to even consider paying!
But backups are effective only if they're done right. When adopting a backup process, keep these simple tips in mind:
- Your backup should be stored separately from the system youāre backing up. If you perform local backups on an external hard drive, leave that drive unplugged from your system when it isnāt backing up. If you have a cloud provider, research the protections it has in place to defend against ransomware infections. (Cloud providers typically offer versioning, which allows you to roll back to an uninfected version of your files if the files are ever infected or corrupted.)
- Regularly test your backups. Imagine believing that youāre protected against ransomwareāonly to be attacked and find that you canāt restore your backup properly. Itās worth ensuring that the process works, so test a restore from time to time.
- Secure your backup information as much as you would your original information.Ā When backing up sensitive information, be sure that itās encrypted and password-protected. If itās a physical hard drive, keep it in a place where no one can easily take it.
A month after WannaCry, another cybersecurity event made headlines: the Petya (aka NotPetya) cyber attack. This malware entirely wiped out the hard drives it infected, appearing to target critical Ukraine systems (but spreading over into Europe and the U.S. as well).
Can you guess what vulnerability this attack took advantage of? The exact same one that was used in the WannaCry attack!
The truth is, many of us donāt take action until we find out weāre part of a major cyber attack. Yet we should be preparing for these threats before itās too late. As weāve seen with WannaCryāand then Petya/NotPetyaāthere are ways to prevent being affected.
Thereās no telling what major cyber attack will be in the news next. But if we take the time to find the lessons in the last attackāand apply them to our own livesāweāll be in a much better position to defend our information when the worst happens.
Do you regularly back up your information? Have you ever been victim to a ransomware attack? Please share your thoughts with us below!
Ā
Ā Commonwealth Financial Network is the nationās largest privately held independent broker/dealer-RIA. This post originally appeared on Commonwealth Independent Advisor, the firmās corporate blog.
Copyright Ā© Commonwealth Financial Network
