A lot of computer users tend to think of malware as a problem that affects other people, and especially people who were doing something that they shouldn’t. Download a dodgy file, or open a dodgy website, and you’re asking for trouble, goes the conventional thinking.
I’m certainly not going to argue that either of those acts are an entirely sensible way to keep your computer safe, but as recent malware attacks have shown, even systems that you would think would be the safest around can be compromised.
The recent WanaCrypt0r 2.0 attack hit around the world, affecting computers in at least 99 countries and causing a not inconsiderable amount of havoc across systems owned by everyone from auto makers to Britain’s public health system, the NHS. More than 20 British hospitals were thrown into relative chaos with non-essential surgeries cancelled and staff going back to simple paper systems due to a wide range of their computer systems being compromised by the malware, which locks down unpatched systems and demands money be paid to an as-yet unknown group of hackers. Given the serious and severe impact of WanaCrypt0r 2.0, hopefully they won’t be unknown too much longer. WanaCrypt0r 2.0 spreads via a known Windows exploit into a network and then seeks out any other security holes to spread as far and wide as possible. The scale of WanaCrypt0r 2.0 is, frankly, the most alarming part of it, because while this kind of malware, usually called ransomware is nothing new, getting it to hit so many systems and quite so fast is a worrying indication of where we’re headed in the future, security-wise.
Even if you don’t run a larger-scale IT system, there are some rather simple lessons that can and should be learned from WanaCrypt0r 2.0’s spread.
Firstly, assuming that just because your internet usage is simple and steers clear of the net’s, shall we say, murkier side is automatically keeping you safe is really sticking your head into the sand. I’ve little doubt that many of the places hit by WanaCrypt0r 2.0 had implemented protocols to keep unsavoury sites or activities locked down, and they were still hit, and hard.
Secondly, a big part of the way that WanaCrypt0r 2.0 spread was by attacking known security holes, many of which have been patched with Windows updates. Microsoft has gone as far as releasing patches for operating systems that they had in fact stopped supporting some time ago, simply to contain WanaCrypt0r 2.0’s spread. This goes all the way back to Windows XP systems, and if you’re running one of those and you’re still online, it would be very wise to both patch your operating system and seriously consider upgrading the operating system overall. Likewise, as new updates become available, it’s imperative that you keep installing them. It’s a nuisance to boot your PC to see that updating screen, but it’s better than not being able to boot your computer at all.
The systems not hit by WanaCrypt0r 2.0 were those that were patched, by and large, as well as protected by decent (and upgraded) antivirus software. It’s a sad, but necessary price of being online in this day and age, ultimately.
Now, if WanaCrypt0r 2.0 had attacked a previously unknown vulnerability (typically called a zero day attack, because the vendor of the software has had that much notice about the problem) then no amount of patching or AV would have stopped it. That’s why the final lesson that every user, whether you’re running large scale systems or just your own laptop or desktop should take seriously is backup. Yeah, it’s dull, and you do need to invest in an external drive or cloud backup solution. Preferably both, but the reality here is that if the worst comes to pass and you power up your system only to find it’s been entirely locked down or otherwise compromised, if you have backup of your actual personal content, you can always rebuild from there. WanaCrypt0r 2.0’s makers have apparently not made that much from the attack, and at least in the case of its impact on UK hospitals it appears that backups were made. That makes it an annoyance and a waste of time and money, but it’s a lot better than losing everything because you weren’t prepared for it. A good backup will protect you not only from computer hardware faults, but also malware that’s becoming all too common.