How to Prevent WannaCry-Like Ransomware Attacks

The WannaCry ransomware has caused a scare across the world within a few days of being discovered. The biggest ransomware attack yet, WannaCry was temporarily stopped in its tracks by a British researcher by registering an obscure web address, even as it infected 200,000 computers worldwide.

People soon created new WannaCry versions that could not be taken out with the original fix. And the scope of this ransomware is huge. Computers in over 150 countries have been hit, from police departments in India to schools and universities in China, and from Britain’s National Health Service to Telefónica in Spain.

The WannaCry hackers have demanded payments of $200 to $600 (roughly Rs. 13,000 to Rs. 38,000) in bitcoins from organisations as well as individual users whose computers had been infected, or else the data would be wiped.

Even after individual users and IT departments patch and update their systems, there are lingering concerns here. And if you would like to safeguard yourself against such attacks in the future, there’s quite a bit that you can do. Here are some basic things to keep in mind to protect yourself from ransomware attacks.

Never run files you don’t trust
Most computer worms, including WannaCry, spread themselves with the help of unwitting computer users who run a file that they don’t know enough about. These files are sent through emails as attachments, or via obscure URLs masquerading as safe links.

If you receive an email from an unknown source, or an executable file that you don’t trust, never click on it. Discard it into your junk/ spam folder, or delete the file, and empty the recycle bin.

Moreover, Windows OSes since Vista have a security feature called User Account Control, which restricts unauthorised programs, such as the ransomware in question, from full administrative access. If an unknown app brings up a UAC prompt, steer clear of giving it any such permission.

There are ways to safely execute an untrustworthy program, by running them inside a virtual environment. In such a scenario, the program can’t interact with any other files on your computer. Security researchers use this method to study malware but you shouldn’t try it if you don’t know what you’re doing.

Stay away from outdated and pirated OSes
The biggest reason for WannaCry’s success has been the fact that most institutions, corporations and government agencies had been running an unsupported version of Windows, or an outdated one – XP in most cases – owing to a lack of funding for their IT department. Malware like WannaCry rely on exploiting vulnerabilities in your system, and with Microsoft ending support for Windows XP in 2014, thousands of computers were at risk.

The other issue was that there’s a heavy culture of software piracy in countries such as India, China, and Russia, where businesses, and even government offices, were using pirated copies of Windows, which don’t always have the required security updates.

There’s also the fact that Windows XP is really old (it released in 2001, 16 years ago), and the burden of security lies on the end-user too. As IT departments scramble to fix things around the world, they should implore their companies to either pay Microsoft for extended support contracts, or upgrade from outdated systems to newer versions to avert spread of ransomware such as WannaCry.

For an individual user, it’s obviously much easier. If you’re on an old Windows machine, and haven’t been infected yet, install Microsoft’s emergency patch MS17-010. In the future, stay away from pirated/ unsupported Windows since you won’t receive timely updates, and make sure you’re using a version – Windows 7, 8.1 or 10 – that will get security updates in the long run. If you don’t wish to pay, consider moving to a Linux distro.

Keep automatic updates on
Simply having the latest Windows OS installed – Windows 7, 8.1 or 10 – isn’t enough. In the case of WannaCry, only the users who had the most recent (May 2017) updates installed, and the latest Windows Defender virus definitions, were not vulnerable to the WannaCry ransomware attack. This goes to show how important the boring update cycle can be, and why you shouldn’t take it lightly.

Here’s how you can make sure you receive automatic updates on the supported Windows systems. If you don’t see some of the options below, make sure you’re logged in with an administrative account.

On Windows 7 –

Head to Start > Control Panel > System and Security > Windows Update.
On the left-hand side, choose Change settings.
Under Important updates, make sure it says Install updates automatically (recommended).
Check all the other boxes on the page, and then click OK.
On Windows 8.1 –

Hit Win key + X, and click Control Panel.
Head to System and Security > Windows Update.
On the left-hand side, choose Change settings.
Under Important updates, make sure it says Install updates automatically (recommended).
Check all the other boxes on the page, and then click OK.
On Windows 10 –

Hit Start key, and click on the Settings gear icon.
Head to Update & security, and then click Windows Update on the left.
On the right, choose Advanced options.
Under Choose when updates are installed, make sure it says Current Branch, and that both the values for feature and quality update are set to 0.
Check the first two boxes, and close the window.
Third-party firewall and anti-virus
The sheer ubiquity of Windows around the world means that hackers and criminals usually design their code for the most common environment, which includes the default Windows Firewall and Windows Defender. And though both are capable, they are far from perfect.

If you wish to increase protection, you should consider investing in a good firewall and anti-virus, ideally a best each in its own regard. The two are often marketed together as ‘Internet security suites’ these days, but it’s better to go for an individual winner for improved security.

We have a long list of anti-virus solutions – paid and free – that you can look at, and there are several firewalls – Comodo, Kaspersky, and ZoneAlarm among them – that make a great contender.

Most anti-virus and firewall programs also offer extended protection in the form of website filtering, which warns you of unsafe websites; network scans, which looks at security issues with your router and network protocols; and software updater, which makes sure that you aren’t using an outdated version of a program.

Some even offer a built-in password manager, a VPN solution, and a more secure browser. There might even be a sandbox option that helps you execute a file in a virtual environment, like we talked about earlier. And if you’re worried about an impact on your performance, there’s usually a ‘game mode’ option, as well.

Backup your important data regularly
Despite taking all the above precautions, there’s always a chance that your system can be compromised. If you’ve got sensitive data, always have a backup. Ideally, multiple ones.

It ensures that you won’t start sweating and break down if something happens to your computer. The basic rule about backups is that they should always be on a separate hard-drive from your computer.

It can something be as simple as an external hard-drive, a network attached storage with RAID functionality (it’s like having a backup of a backup), or opening an account with a subscription-based cloud service, which regularly backs up all your important data.

Related Articles

Back to top button