On Friday 12 March, computers and businesses around the world were brought to a standstill by the spread of a ransomware attack known as WannaCry. The attack exploits vulnerabilities in the Microsoft Windows operating system, then encrypts the data on the affected computer and demands a “ransom” for the data to be unencrypted. There is no solution, other than paying the ransom. But the attack can be prevented.
We spoke to cyber security expert Dr Aleksandar Valjarevic, head of professional services at LAWtrust, Africa’s leading expert on cybersecurity, to find out what individuals (and organisations) should be doing to avoid WannaCry – and any other cyberthreat that may present itself. This is what he had to say:
Install protectionThe first thing that you need to do is make sure that you have a full internet security solution like those from Kaspersky, Norton or Bitdefender installed on your computer. An antivirus solution only protects your computer against viruses, whereas a full internet security product protects you against other forms of malicious content and activities – they usually have a firewall, are able to detect phishing over the internet and have the capability to detect key loggers and take action against Trojans and worms (see glossary at the end of this article).
Always do your updatesThe WannaCry worm was able to spread because many computer owners and organisations had failed to run the patch for the Windows vulnerability that had been released two months earlier.
“Although nothing is 100% safe, if everything is up to date, you should be pretty much safe,” Dr Valjarevic says. “You need to update your operating system, any software that you use, including your internet security software.”
Be vigilant with email “Email is a big threat vector,” says Dr Valjarevic. “Ransomware and phishing mostly start with an email.”
For this reason he says it is vital that you do not open emails from people you don’t know, and you never reveal personal information when prompted to by what appears to be a trusted organisation like your bank or SARS. Even if the recipient is trusted, do not download attachments that you weren’t expecting, and watch out for poor spelling or a strange tone in the email from someone who appears to be a known sender.
“If you receive an email with an attachment that you weren’t expecting, give the sender a call to check,” he says.
Check the security status of websites When you visit a website Dr Valjarevic says you can check it is secure by entering the web address, and then checking to see if the URL starts with “https”. The “S” shows that the site is secure and hackers can’t access it. Some browsers also display a padlock before the web address.
“You can therefore use the site for online transactions or for sending personal information like an email address,” he says.
Take extra care on public networks Public wifi is a great gift, but it should be used with caution. Don’t use a public wifi network to do your banking, online shopping or any transaction in which you reveal your personal details or email address.
Also, watch out for “evil twin” networks. This is when a person creates a hotspot with their phone in a public space and gives it a name that appears to be the same as the nearest hotel or restaurant, and then accesses your information. Always double check that you are connecting to the correct public network – ask the restaurant for the exact name of their network, and whether it is password protected.
Be an aware digital citizen“We should be asking all our service providers – our banks, healthcare, insurers – how they are treating our data and what mechanisms of protection they are putting in place,” says Dr Valjarevic.
It is not good enough to assume that just because you are dealing with a reputable organisation, they have sufficient security measure in place.
IT security risks: know your terminologyRansomware: A type of malicious software designed to block the use of a computer or network until a sum of money is paid.
Virus: A malicious piece of software code, capable of replicating itself and spreading to other computers.
Trojan: Similar to a virus, except it does not replicate itself. It is often packaged with another piece of free software.
Worm: Malicious software that replicates itself to spread to other computers, but relying on security failures in the computer or network, rather than on a host programme or human to replicate it.
Antivirus: Software designed to detect or destroy a virus.
Antispam: Any software, hardware or process that is used to keep spam email from entering a network or computer.
Encryption: Converting information into a code to prevent unauthorised access. The recipient uses an authentication key to decrypt the data. This process is often invisible to the end user.