Safeguard Your Computer From Cyberthreats - The Ransomware Threat Is Not Over




Even though the present site the bad guys were using for WannaCry ransomware has been shut down, the Windows vulnerability they chose to exploit still exists until all users run the Microsoft patch. If you don’t, you could be the next victim of a group trolling for users who decided to “sleep on it”, thinking the threat is gone. To see a sampling of current threats click here. Though WannaCry (also known as WannaCrypt) was designed to exploit weaknesses in Windows 7 and previous versions (XP etc.), ransomware has been, and continues to be, an ongoing threat. Why haven't the offenders been caught? There is now very sophisticated software that hides the bad guys. The good guys catch up and the bad guys find a way around it.

Ransomware Encounter Graph

But after I talked to security experts in private and government firms, they said the biggest flaw in security is... us, the individual user. All the software, hardware and operating system improvements can't protect us if we share our info (passwords etc.) at the wrong time, in the wrong place.

You can download the patch for WannaCry here for Windows 10, 7 and XP or simply run all available Windows Updates. If you want to choose when these updates will run (when you are asleep or at work) click here for directions for Windows 10. Windows 7 users should go to Control Panel, then Windows Updates, and then Settings.

How To Set Autoupdates In Windows 7 graphic by Bob Hershon

Microsoft’s support in creating patches for Windows XP and earlier operating systems that are no longer supported was unprecedented, as those Windows operating systems are usually ignored when new updates are issued. Though many users are still in love with Windows 7, WannaCry has demonstrated the cost of not upgrading to Windows 10.

Windows Protection Against WannaCrypt Ransomware

The new Windows Creators Update, when and if you decide to get it, provides much improved built-in Windows Defender security and a more secure and feature-filled Microsoft Edge browser. In addition, instead of running updates that were cumulative and took a while to download and run, Microsoft will be sending more frequent and smaller updates that are easier for your PC to digest. One of the biggest features is called container-based isolation, which literally isolates malware within a browser and prevents it from taking control of any other system on your computer. This fall, things will improve even more with the new "Redstone" update (the 2nd Creators Update) from Microsoft, which features the Windows Defender Application Guard. Let me be clear: the Creators Update is not perfect yet. What update is? So before you update, always back up your computer. Check out PC Mag's review of the best backup software here.

Increased Security In Creators Update

Though the money to move to a new OS like Windows 7 or Windows 10 (a free upgrade for most) is not at issue in the United States, the money to own a legitimate copy of the software in poorer countries is, as a Ukrainian student at my work pointed out. Without the newer version or legitimate copies of the software, getting timely updates may not be possible. This may explain why WannaCry hit some countries harder than others. With the right software you can build a Windows operating system, but upgrading and updating patches is another issue altogether.

WannaCry (i.e., ransomware) is a worm that spreads by constantly scanning from infected computers until it finds one with the vulnerability (which they all had before this patch) and infecting it. It is the result of a release by Shadow Brokers of hacking tools from the NSA that exploited vulnerabilities that Microsoft was unaware of, which is why Microsoft pulled out all the stops to shut it down. They created the patch back in mid-March 2017 but not everybody ran it. Would it have been nice if the NSA told Microsoft about these? Hmmmm... Yes, I think so. But then the backdoors might have been closed. If you become a victim of a ransomware attack, DON'T PAY, because chances are extremely slim that you'll get your files back. And if you pay, you'll encourage these beasts to feed on others. And if the WannaCry attack is any indication, once these guys encrypt your computer, defeating their encryption is next to impossible. DO NOT SEARCH THE INTERNET FOR LINKS THAT SAY THEY WILL HELP YOU RECOVER THESE FILES. If they say they can, they are lying and will probably infect you with something else. I'm sorry this happened to you. Sympathies, but please don't make it worse and infect others.
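The scanning described above is what defenders look for on the network. The following is an added example, not part of the original article: it flags any machine that contacts an unusual number of different hosts on TCP port 445 (the Windows file-sharing port WannaCry probed, a detail the article does not state) within a short time window. The threshold, window length and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

SMB_PORT = 445          # Windows file sharing (SMB), the port the worm probed
FANOUT_THRESHOLD = 20   # assumed cut-off; tune to your own network baseline
WINDOW_SECONDS = 60     # assumed sliding-window length

def make_sample_flows():
    """Constructed records: (epoch_seconds, src_ip, dst_ip, dst_port)."""
    flows = []
    # 10.0.0.23 probes 40 different addresses on 445 within 40 seconds.
    for i in range(40):
        flows.append((1000 + i, "10.0.0.23", f"10.0.1.{i + 1}", 445))
    # 10.0.0.7 talks to one file server repeatedly (normal SMB use).
    for i in range(40):
        flows.append((1000 + i, "10.0.0.7", "10.0.0.5", 445))
    # 10.0.0.9 browses many web servers (many destinations, but not 445).
    for i in range(40):
        flows.append((1000 + i, "10.0.0.9", f"203.0.113.{i + 1}", 443))
    return flows

def find_smb_scanners(flows, threshold=FANOUT_THRESHOLD, window=WINDOW_SECONDS):
    """Return {src_ip: most distinct port-445 destinations in any window}."""
    per_source = defaultdict(list)
    for ts, src, dst, port in flows:
        if port == SMB_PORT:
            per_source[src].append((ts, dst))
    suspects = {}
    for src, events in per_source.items():
        events.sort()
        start, counts, peak = 0, defaultdict(int), 0
        for ts, dst in events:
            counts[dst] += 1
            # Drop events that have fallen out of the sliding window.
            while events[start][0] <= ts - window:
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            peak = max(peak, len(counts))
        if peak >= threshold:
            suspects[src] = peak
    return suspects

if __name__ == "__main__":
    for host, peak in find_smb_scanners(make_sample_flows()).items():
        print(f"{host}: {peak} distinct SMB destinations within {WINDOW_SECONDS}s")
```

A machine flagged this way should be disconnected from the network and checked; a busy file server's clients will not trip it because they talk to the same few destinations.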

Different versions of Ransomware

So why did big companies and hospitals get hacked? Because big organizations have scheduled updates so as not to interfere with day-to-day operations, once a week, sometimes less. Some don't even have a networked option. In addition, these updates usually come in scheduled releases, not all at once, except for emergencies like the one we have now. Though everybody read about Britain’s National Health Service being victimized, few understood the personal toll the attack took. With lives on the line, they paid the ransom with mixed results. Fortunately a young 22-year-old UK genius whose handle is MalwareTech shut down the operation, which hit scores of National Health Service hospitals across Britain. He did this by simply registering the site the bad guys were using.

Many large concerns use Virtual Network Computing (VNC) to remotely access their files from anywhere. If you sign on to such a network that does not require a password, send up a flare to your IT guy. Paul McMillan had reported 30,000 such unsecured VNCs. Last week a concern called VNC Roulette published around 500 screenshots from computers logged on to VNCs that were not secured by passwords. This included bank statements, health records (with patient names, addresses and birthdates) and Facebook pages.

Finally, if you get hit with a virus or malware, DO NOT SHUT YOUR COMPUTER DOWN! These intrusions often target memory, and shutting down reduces the options to locate and remove the malware. You can disconnect from the internet. If you get hacked, run a tool like Malwarebytes, Bitdefender or Kaspersky. If you are short of funds, run the free Sophos Home, which is great against ransomware. The only thing missing from their enterprise version is root cause analysis, which tells you the who, what and when of the attack. Check out reviews for malware protection and removal here.

Graphics provided by Microsoft unless otherwise indicated 
