Beat Ransomware in 3 easy steps
I’ve read about a virus called “WannaCry”, should I be scared now?
You have probably read in the news that a dangerous NSA hacking tool is infecting computers all over the globe. This piece of ransomware is known as “WannaCry”. Notable is that especially large companies are being victimized by this malware. Microsoft saw the vulnerability and developed a patch a month ago but obviously not everyone is persistent in his update policy. You should think that large companies have their IT departments that take care of regularly updating their machines but the truth is, they don’t. “As long as it works: don’t touch it”, seems to be the standard here. Besides updating, there are several options you have to prevent your computer being infected with this or any other form of malware.
What is Ransomware?
Ransomware is software that encrypts files on computers (documents, applications, images, videos, etc) and demands a ransom -often in bitcoins, (a digital currency) from the victim to regain access to his files again. In some cases victims that payed the ransom did get their files back in other cases they didn’t, even after they payed. We do not know if the criminals who spread the WannaCry malware allow victims access to their files again.
How do we get infected?
Hackers have spread ransomware through e-mail. You are not the only person receiving this, thousands of evil e-mails are send to random recipients in a matter of minutes. The WannaCry ransomware is hidden in files that are attached to these e-mails.
Are all computers vulnerable for this malware?
The WannaCry ransomware is specifically written for computers that use the Micorosft Windows Operating System that are not updated with the latest patches. Apple and Linux computers are not affected.
But, I use Windows. Tell me what I can do.
Even when you are not particularly tech savvy, you can reduce the risk of being infected with this or another form of malware by taking these three easy steps:
1. Install Anti Virus
Apart from the various payed versions of Anti Virus packages there are lots of free solutions. Microsoft offers his free Windows Defender that scans your computer for malware on a regular base and also provides you with real-time protection.
Some AV companies have specialized solutions for ransomware; as soon as this form of malware is infecting your computer and starts to encrypt your files, the AV kicks in and blocks the malware from proceeding.
Important is that the AV uses real-time protection, automatically updates itself to the latest version and uses the most recent anti virus definitions. Not only can you find AV for your computer and notebook, also your tablet and cell phone can be protected.
Even when you don’t start applications, malware can try to infect you. A drive-by-download means that your PC is infected by just visiting a website. Sometimes the website is completely legit but uses advertisements that carry the malware. Your real-time AV will make sure your computer stays healthy.
2. Keep your system up-to-date and Back-Up
Always keep your computer up to date. Microsoft is offering free security updates that you can have installed automatically by using “automatic updates”. It will leave malware that is trying to infect your computer by exploiting a bug in outdated software harmless.
However the Microsoft patches work only for your Operating System but not for non-Microsoft applications that you have installed. Be sure that also your web browser (FireFox, Chrome) and other third-party software are always updated to the latest version.
Get rid of unused software; not only will you free up space on your disc, you also prevent that it can be used to compromise your computer.
Talking about software; NEVER download software from so-called ‘Warez” websites. On these websites as well as file sharing platforms like eMule, BitTorrent, and UseNet, you often find illegal copies of software that are ‘cracked’. This means that the software is manipulated in a way that it can be used without a license. Some people think they save money by using cracked software but besides the fact that you are not giving the software developers credits for their work, the cracked software is often ‘enhanced’ with malware that will infect your computer.
Pay close attention to the location where you download the software from; download the software only from the originating trusted website. Look at the Internet Address; is it a legit company? Use your common sense, is it software for cracking software, then you know it can’t be trusted. After downloading the software use your AV to scan the file for hidden virusses.
It is a good habit to have your precious images, video’s, documents and other important files backed-up. You can temporary connect an external hard disk to your computer and copy the files manually or use an automated back-up solution. After backing up your files and have your back-up checked if everything went ok, disconnect your external storage medium. This will prevent your back-ups to be affected might your computer ever be infected with malware.
3. Email and Phishing
When it comes to email we are talking about one of the most used methods that hackers use to infect your computer, but how does this work?
First: hackers don’t usually send you an email asking you to click the malware they have attached. They will try to trick you into clicking a hyperlink in the body of the email that will lead you to an evil website or open an evil attachment. This attachment can be a PDF, a document, image, executable file, etc. In order to persuade you into clicking one of these, they often pretend that the email is from a person or an organisation you know and you trust, what is called ‘spoofing’. It seems the email has been sent by a relative or a trusted company as Microsoft, PayPal, bank, Mastercard, etc.
In the email they will use a fake story to gain your trust and trick you into clicking a link or open an attachment. Often they use a text that urges you to take action otherwise your credit card will expire, your bank account will be frozen or something like that. In those cases people tend to take immediate action without checking if the sender is really authentic.
Suppose that you receive an email from the Post office saying your package is on it’s way but you have to validate your identity in order to receive it. The email appears to be from the post office but you find a number of spelling errors and you even did not expect a package. Though it seems strange; lots of people can’t handle the curiousity and even when they feel that somethings fishy is going on, they click the link in the email or open the attachment, just to see what it is about. They fell for a “Phishing scam’ which is a digital version of what we call ‘social engineering’; tricking someone to believe they can be trusted and that they are doing you a favour, in return what else can you do than listen to their kind advise and click the link.
How can you be sure that the email you received is harmless?
You can’t always be sure because the Phishers are adapting their methods constantly. However there are a number of thing you can do:
– Do not open emails from unknown senders;
– Do not open emails with an ebullient subject; (i.e email from Dutch friend in Italian language, or an invitation to join ‘Asian-titty-lovers.com’ coming from your mother);
– Do not click links in unexpected emails, even when it seems to be send by someone you know and trust (link to tracking info in email from shipping company while you didn’t even order anything);
– Do not click attachments in unexpected emails even when it seems to be send by someone you know and trust (Congratulations: You have won the lottery (in which you not participate): open the attached file to collect your price;
– Learn to recognise phishing emails (here is a great anti phishing quiz);
– If it seems to be send by someone you know and trust and the email looks odd, just contact the sender through the phone and ask if they have send you an email and that you thought it looked different than normal.
– If you receive a message, even when it seems to be send by someone you know and trust that:
– warns you for something terrible;
– urges you to take immediate action;
– Tells you that the Police/ Microsoft/ McAfee/ Other well known trusted comapny warns for this disaster;
– insists that you send this email immediately to the rest of your address book;
Then you probably have to do wit a HOAX. It’s like the old chain-letter, intended to reach out for as many people as possible. Do not forward the email and check the official website of the Police/ Microsoft/ etc to confirm if this problem really exists.
In this posting we have talked about ransomware and other forms of malware, what tey are, how they try to infect you computer and what you can do to prevent this.
In the next posting we will look what you can do when you are already infected with malware.