5 Ways to Become a Smaller Target for Ransomware Hackers | NBC4 Washington

5 Ways to Become a Smaller Target for Ransomware Hackers

This weekend's virus was particularly virulent, because it could spread to all other computers on a network even if just one user clicked a bad link or attachment

    processing...

    NEWSLETTERS

    Getty Images/File

    This weekend's global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said.

    The attack largely infected networks that used out-of-date software, such as Windows XP, which Microsoft no longer offers technical support for.

    22 Dead in Explosion at Grande Concert

    [NATL] 22 Dead in Explosion at Grande Concert

    British police said an explosion at an Ariana Grande concert at Manchester Arena killed 22 people, including children, and injured more than 50. 

    (Published 5 hours ago)

    "There's some truth to the idea that people are always going to hack themselves," said Dan Wire, a spokesman for security firm FireEye. "You've got to keep your systems updated."

    The attack that authorities say swept 150 countries this weekend is part of a growing problem of "ransomware" scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.

    Hackers bait users to click on infected email links, open infected attachments or take advantage of outdated and vulnerable systems. This weekend's virus was particularly virulent, because it could spread to all other computers on a network even if just one user clicked a bad link or attachment.

    Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're worried about triggering bugs, or they can't afford the downtime.

    WATCH: Pippa Middleton Post-Wedding Kiss

    [NATL] WATCH: Pippa Middleton Post-Wedding Kiss

    Pippa Middleton and James Matthews kiss after their wedding at St Mark's Church in Englefield, England, on Saturday, May 20, 2017. Middleton, the sister of Kate, Duchess of Cambridge, married hedge fund manager James Matthews in a ceremony Saturday. Her niece and nephew, Prince George and Princess Charlotte, were in the wedding party, along with sister Kate and princes Harry and William.

    (Published Saturday, May 20, 2017)

    Here are five tips to make yourself a less-likely victim:

    MAKE SAFE AND SECURE BACKUPS
    Once your files are encrypted, your options are limited. Recovery from backups is one of them. "Unfortunately, most people don't have them," Abrams says. Backups often are also out of date and missing critical information. With this attack, Abrams recommends trying to recover the "shadow volume" copies some versions of Windows have.

    Some ransomware does also sometimes targets backup files, though.

    You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It's a good idea to back up files to a drive that remains entirely disconnected from your network.

    The 'Greatest Show on Earth' Says Goodbye

    [NATL-NY] The 'Greatest Show on Earth' Says Goodbye

    The Ringling Brothers and Barnum & Bailey Circus that has wowed crowds for 146 years with its "Greatest Show on Earth" is taking its final bow on Sunday.

    (Published Sunday, May 21, 2017)

    UPDATE AND PATCH YOUR SYSTEMS
    The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability.

    "Hopefully people are learning how important it is to apply these patches," said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack. "I hope that if another attack occurs, the damage will be a lot less."

    The virus targeted computers using Windows XP, as well as Windows 7 and 8, all of which Microsoft stopped servicing years ago. Yet in an unusual step, they released a patch for those older systems because of the magnitude of the outbreak.

    "There's a lot of older Windows products out there that are 'end of life' and nobody's bothered to take them out of service," said Cynthia Larose, a cybersecurity expert at the law firm of Mintz Levin.

    USE ANTIVIRUS SOFTWARE
    Using antivirus software will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these pests. Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.

    EDUCATE YOUR WORKFORCE
    Basic protocol such as stressing that workers shouldn't click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don't have unnecessary access to parts of the network that aren't critical to their work. This helps limit the spread of ransomware if hackers do get into your system.

    IF HIT, DON'T WAIT AND SEE
    Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don't be fooled.

    If you're facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There's also no guarantee all files will be restored. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.

    ‘T-Rex’ Spooks Horses on City Street

    [NATL] ‘T-Rex’ Spooks Horses on City Street

    A person in a Tyrannosaurus Rex costume allegedly growled at a pair of horses pulling a carriage in Charleston, South Carolina. The horses were frightened and caused the carriage to jackknife, injuring the driver.

    (Published Friday, May 19, 2017)

    Ryan O'Leary, vice president of WhiteHat Security's threat research center, points out that this weekend's hackers weren't asking for much, usually about $300.

    "If there is a silver lining to it, you're not out a million dollars," he said.

    Still, "My answer is, never pay the ransom," Abrams said. "But at the same time, I also know that if you're someone who's been affected and you've lost all your children's photographs or you've lost all your data or you lost your thesis, sometimes $300 is worth it, you know?"