Expert offers five tips to lessen hacker peril
Backup files, security patches advised
An online attack that authorities say swept 150 countries this weekend is part of a growing problem of “ransomware” scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.
Hackers bait users to click on infected email links, open infected attachments or take advantage of outdated and vulnerable systems.
Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, said many organizations don’t install security upgrades because they’re worried about triggering bugs, or they can’t afford the downtime.
He offered five tips to reduce the chance of being hacked:
Make safe and secure backups. Once files are encrypted, options are limited. Recovery from backups is one of them. “Unfortunately, most people don’t have them,” Abrams said. Some ransomware does target backup files, though.
People should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals, he said. It’s a good idea to back up files to a drive that remains entirely disconnected from computer networks.
Update and patch systems. The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability.
“Hopefully people are learning how important it is to apply these patches,” said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack.
Use antivirus software. Using antivirus software will at least protect computers from the most basic, well-known viruses by scanning the system against the known fingerprints of these pests.
Educate your workforce. Basic protocol such as stressing that workers shouldn’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work, Abrams said.
If hit, don’t wait and see. Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files.
Law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There’s also no guarantee all files will be restored.
“My answer is, never pay the ransom,” Abrams said. “But at the same time, I also know that if you’re someone who’s been affected and you’ve lost all your children’s photographs or you’ve lost all your data or you lost your thesis, sometimes $300 is worth it, you know?”