Over the last few days ransomware has been all over the news. WannaCry is a ransomware that has been developed using the initial software that was created by the National Security Agency but recreated for more sinister purposes. It has already been deployed successfully against the National Health Service in the UK and many other organisations such as banks as well.
So, what exactly is ransomware? It differs from malware in the sense that it doesn’t infiltrate quietly. Like the name suggests, ransomware demands money or it’ll start causing problems, most likely by wiping data. But the types of attacks can vary as ransomware can take over webcams and capture footage (much like in a science fiction film) and hold this footage ransom. Since there are over 400 types of ransomware, even the fairly safe Mac and Linux systems can be susceptible.
While not as common as malware the incidences of ransomware have been increasing. Attacks have risen from less than 5 million in 2015 to more than 600 million in 2016 for ransomware while during that same time a number of malware attacks have been falling.
There are many ways to protect against falling victim to ransomware. One of the best is by updating using Windows Update. WannaCry attacked older operating systems with a focus on Windows XP and steered clear of Windows 10. It was likely assumed that users who failed to be up to date would be the ones least equipped to deal with ransomware attacks and would likely not have updated their protection software as well. For users of Windows 8 and Windows XP, patches are already available to protect against WannaCry and it is pretty much essential to download these.
Having a good firewall is also essential. Windows Firewall is not especially robust against these threats and a third party firewall may be critical to keep out malware. The same goes for antimalware software as Windows Defender is not quite strong. With that being said, antimalware software on the whole is playing catch-up to ransomware and so their protection may not yet be at the level needed to block new ransomware threats.
Free malware protection like Bitdefender has an anti-ransomware component but it only protects from four common types of ransomware. There are also good protections services on offer from Malwarebytes and RansomFree but this is restricted to the paid versions of this software.
Staying away from questionable links is pretty obvious but also pretty important. Clicking on a bad link is the most common way to get infected. A bad link can be found on a perfectly legitimate site but it’s also clear that the more shady corners of the internet will have much more risk of picking up malware. Malware infections that were tracked have shown than 66% were tracked on multiple machines. This means that links were forwarded by the users that were infected first and hence only clicking on trusted links from other people is also pretty critical.