Tuesday May 16, 2017
How to defend yourself against ransomware cyberattacks
At least 150 countries were affected by a WannaCry ransomware attack on May 12 — a clear sign global cybersecurity needs to be stronger.
"It's taken down arguably 200,000 victims so far and hundreds of thousands of computers from China to Russia to Britain and even some in Canada," says New York Times European tech correspondent Mark Scott.
He tells The Current's Anna Maria Tremonti that investigators are "linking some of the code in this attack to past attacks linked to North Korea … but we don't really know if it's for certain."
It was a 22-year-old researcher in Britain who became an accidental hero, Scott explains. While looking through some code the researcher discovered that by registering a long and complicated website domain, he could prevent the cyber attack from spreading into Canada and the U.S.
"He did this completely by accident expecting it to sort of not have much effect. But when he did that it completely shut the virus from spreading into North America."
How does WannaCry ransomeware work?
Scott says the ransomware's not that technical but what sets it apart is the global nature of the attack.
"A victim's computer is taken over by this virus. It locks out the individual so you can't get access to your data and then you have to pay $300 to $600 through something called Bitcoin ... an online currency to gain access back to your computer," explains Scott.
He suggests that most governments and corporations on average aren't prepared for a cyberattack because "no one wants to spend money on upgrading IT (information technology) and computers — it's not really a priority for people."
Scott advises both people and companies to keep upgrading computer software to minimize risk of cyberattacks.
"And frankly spend some money on making sure you have the best cybersecurity available."
Not just an IT solution
According to Neil Walsh, director of the UN's global programme on cybercrime, what this recent cyberattack proves is that cybersecurity and countering cybercrime "is not simply a role of an IT department."
"It is the role of chief executives and the board level decision makers. Every company, every government, every government department must have a cybersecurity plan. They must wargame it, they must practice it so that when things like this happen they're ready for it," Walsh tells Tremonti.
He does not advocate ransom paying as it propagates the criminal business model and says there's no guarantee data will be decrypted or that another attack won't happen.
He warns that most ransomware attacks have a time limit so when a computer is compromised, a countdown timer will appear on the screen before your data is lost.
"This is part of a social engineering from the criminals to try and force you to pay."
Arm yourself to prevent attacks
Walsh suggests some ways to minimize vulnerability to ransom threats is backing up important data as well as having up-to-date anti-virus software.
He tells Tremonti it's up to everyone to play a role in cybersecurity, pointing to the fact the recent threat was shared by email.
"We all have to think about the emails that we open, what do we download, what attachments do we open — we can all be a part of a solution."
Listen to the full segment at the top of this web post.
This segment was produced by The Current's Shannon Higgins and Lara O'Brien.