Ransomware safety: what to know

By: Brittany Bedi
May 15, 2017

TALLAHASSEE, Fla. (WCTV)-- A ransomware attack has swept through more than 150 countries across the globe. The hack uses WannaCry ransomware software to encrypt computer files and demands the owner pay to have the computer released.

The cyber attack impacted government servers, shipping companies, and numerous healthcare systems across the globe. The attack caused a halt in medical services in Europe and Asia.

The reason that so many computers were vulnerable is that fact that many computer systems overseas did not or could not install the latest security patch from Microsoft. Systems running old Windows software are left vulnerable to the attack as well.

Ransomware is not a new threat, but the WannaCry ransomware is more aggressive than most people have seen. Aegis Business Technologies in Tallahassee is working to notify clients about the ransomware threat.

“What you need to think of as a home user, as a business person in our community is to keep your software up to date,” said Aegis CEO, Blake Dowling. “The reason this ransomware is so aggressive is because older versions of software don’t have the latest security patches and it was able to roll right through these various networks.”

Though the attack is not as pronounced in the United States, it doesn’t mean the threat is over.

All it takes is one person in a network to open an email attachment with ransomware to put everyone at risk. External hard drives and USB flash drives plugged in an infected computer can become encrypted as well.

“Organizations that for whatever reason are still running Windows XP or something like that, where these patches aren’t even available anymore, it could’ve been prevented.”

Dowling says that the best way to prevent an attack is to keep computer operating software updated.
Use best judgement when opening emails. Do not click links or attachments from an email you’re not expecting.

Another part of being prepared for an attack is to have a back-up plan if your computer becomes infected.

"Have something on premise, have something in the cloud, make sure it works, because if you're not testing it, who knows what happens when disaster strikes,” says Dowling.
“We, as IT professionals, always says, don't pay these people. You just encourage them to continue to defraud others, go to your backup, wipe and reload the affected machine, and if you are infected, unplug immediately."

Dowling notes unplugging an infected computer may not solve the problem with recent ransomware attacks, but isolating the infected computer is important.
Having a robust firewall, anti-virus software, anti-spam software, and a strong password will also help.

“Avoid creating passwords with complete words in the dictionary. Use some capital letters, symbols,“ said Dowling. “If it’s in the dictionary, hack programs are just whipping through that.”

Dowling notes that attacks like WannaCry ransomware should be expected with the technologically advanced world we live in. It could easily happen at a local institution.

“If this attack impacted local healthcare and service weren’t provided or potentially a life lost because of it, we’d be having a much different conversation,” said Dowling. “Because it happened across the Atlantic we want to think it’s their problem, but it’s our problem too.”

Dowling urges local businesses to update their operating systems to the latest software to minimize the risk of future attacks.