Written by Bill Starkweather, IT Director (South Bend, IN)
Several weeks ago, we witnessed a coordinated global cyber-attack known as WannaCry. It is one of the biggest cyber-attacks ever, impacting over 150 countries and infecting more than 250,000 machines. WannaCry was a type of malicious software (malware) classified as ransomware. This type of attack encrypts files on your computer and requires that you pay a ransom to unlock those files.
Specifically, this attack exposed a vulnerability in Windows and focused on two group of computers:
- Computers running outdated versions of Windows that are no longer supported by Microsoft. Since they are no longer supported, Microsoft does not provide patches or updates to these systems.
- Computers whose version of Windows are supported, but failed to install the patch supplied by Microsoft in March of 2017.
There are things you and your IT support can do to help protect your home and work devices.
- Ensure that you have all of the latest software patches installed on all of your equipment.
- Check your devices to make sure that your Virus protection software is up to date and functioning properly.
- Ensure that your email SPAM filter is performing as expected. This will help stop inbound email attacks by preventing users from receiving harmful emails. The Wannacry attack came in via email and then attacked the vulnerability in the operating system.
- Provide Internet website and content filtering to prevent harmful websites.
You can take additional steps to protect your files, network, and devices such as closing all of your applications, restarting your computer, and leaving it at the login screen at the end of the day or when you're finished using it. Benefits of following this practice include:
- You won't lose files in case of power loss, because you're not leaving any unsaved files open.
- Microsoft Windows operating system updates are installed in middle of night, instead of when you turn your PC on. This helps prevent excess network traffic occurring first thing in the morning and your computer will not be slowed down while updates are being installed when you need to use it.
Another thing you can do is be mindful of the emails that you are opening. We've touched on this in previous blogs so be sure to check out How to Recognize and Defend against Cyber Attacks - Part 1 and Part 2 or Let's Talk Cyber Security - Again! for more information. Some tips to keep in mind when checking emails:
- SPAM filters and AntiVirus software will capture harmful emails and email attachments, but nothing is 100% and you should only open emails and attachments from a trusted source.
- If you find an email in your SPAM folder, think about whether you really need it, because it was quarantined for a reason by the SPAM filter.
- If you have any questions about whether or not to open an email, error on the side of caution and contact I/T support if possible.
One last helpful hint to protect your computer from cyber attacks: be careful about the internet sites you are accessing. Internet sites can contain harmful files and links. You should only visit sites that you are familiar with or are from a reputable company. Download with care, too. Files should only be downloaded from a known site.
I hope you find these tips helpful and use this advice to keep both your personal and professional networks protected!