Since the world wide cyber-attack on Friday 12 May 2017, there has been a lot of irrelevant, confusing, misleading or downright incorrect information published on the internet and in the news.
But certainly, it seems the attack was targeted at older computers running the Windows XP operating system.
(Windows XP was originally released by Microsoft in 2001. After eight years, mainstream support ended in April 2009. However, Microsoft continued to provide free security updates every month until April 2014 – over three years ago.)
And now, not surprisingly, the blame game has kicked off. Whose fault is it: the hackers; the NSA; Microsoft; the organisations that have been affected?
Of course, if the hackers hadn’t launched the attack, this discussion wouldn’t be taking place. But equally, if those compromised organisations had been running alternative or newer, supported operating systems on their computers they wouldn’t have been infected.
So why am I wading into the melee with my two penny worth?
Well, in the UK, most of the emphasis has been on the effect of the outbreak on the National Health Service, with one or two other organisations also mentioned. And, of course, the problems generated are indeed of concern: much disruption and inconvenience has been caused.
But, little has been said about the potential impact of these types of attack on small business, home based business, or indeed the private individual: computer users who are just as susceptible as the giants getting all the air time.
And the useful nuggets of information that the rest of us could benefit from have been, at best, buried in all the hype, blame passing and discussion of the ‘bigger’ problem.
Friday’s ransomware attack is current, wide-spread and big news. But many types of malware attack, including phishing, data theft and so on are relatively common on a smaller scale and there are things we can all do protect ourselves against them.
So, what can you (or your systems administrator) do to minimise the risk to your computer?
- Realise that the problem of computer security does not just affect Windows XP. Any version of Windows (and other operating systems) can be the target of an attack – as can your Android mobile phone or tablet. And don’t think you are safe if you are an Apple user. While they are generally more secure than Windows PCs, they are far from immune. Mac malware is out there.
- Make sure all your software is up-to-date. That includes your operating system (Windows, Android, MacOS) and any applications/programs you have installed (for example: word processors, graphics software, games, java).
- If you are using an unsupported version of Windows like Windows 2008 or Windows XP, you can get the patches for your unsupported OS from the Microsoft Update Catalog. But I still recommend you update to a supported version of Windows as soon as possible.
- Make sure that you are running up to date anti-virus software, with up to date virus definitions and you have a firewall running.
- Back-up your data. Preferably in multiple locations. Don’t just use online services like Dropbox or OneDrive. These can still be compromised. Use an external hard drive connected to your PC and unplug it when you’ve completed your backup.
- Avoid opening email attachments if the message is unsolicited, or if you are at all suspicious of the origin.
- Don’t click on links in spam emails. The destination may be designed to steal your personal details. Legitimate financial organisations won’t include links to your account. If you want to check if the email is real, instead, open your web browser and log in to the website in the way you normally would.
- Victims of fraud in the UK should report it to Action Fraud.
The advice from the UK National Crime Agency is NOT to pay any ransom demand if you have been caught by ransomware. There is no guarantee you will get your files back, and no guarantee your files won’t be locked again at some time in the future. Back them up NOW, in case you get caught out.
Take the steps above, and you will minimise the chances of suffering a cyber or malware attack yourself.
Living in the Kent or Medway area of southern England? Please don’t hesitate to contact me if you are concerned about the security of your computer, tablet or mobile phone, and you could do with some help putting any of the suggestions above into practice.