If there is a silver lining to the recent Wanna Cry ransomware outbreak, perhaps it is this: heightened security awareness among the sheeple. *sigh*
Here are some general things to do, gleaned from a few articles and my own experiences dealing with other folks’ malware infestations:
- Don’t pay
- don’t click on email attachments*
- Keep your software up to date
- INCLUDING your security softwares!
- Back up your personal files, and make at least one system backup of a stable, clean system.
*See the asterisk above? Yeh, that. Being able to send and receive email attachments is one of the important features of email, so not opening ANY email attachments vitiates the usefulness of email. Not a problem. First, only accept attachments from someone you know. Verify that the email actually did come from that person. At least look at the headers, but if ANY possible question exists about the email’s authenticity, ASK THE PERSON WHO SEEMS TO HAVE SENT IT! And always, ALWAYS, ALWAYS scan email attachments with up-to-date security softwares.
Even if I have done all of these, I have sometimes saved the attachment offline, then opened it in a virtual machine to check. I have actually caught two “baddies” this way, though it’s been years since that time.
Nothing in the short list above is at all difficult to do, and not even really time-consuming either. It’s just common sense, something sorely lacking among many users (which is exactly how <300,000 computers were hit by “Wanna Cry”–users self-infecting).
Most assuredly. You mean ppl still fall for this? I wonder how many fall for the infamous Nigerian princess scam…not! 🙂
The WannaCry ransomware wasn’t spread (primarily) via e-mail attachments. Instead, it exploited a bug in SMB v1. One of the few true viruses I’ve heard of lately. Your list remains valid though, and people that ignore it do so at their own peril.
Right, Perri, but note: ANY ransomware (including WannaCry) can be defeated by. . . restoring a clean backup (item the last in my list). That’s one of the key places many (most?) folks’ computing practices fail. Heck, even just dumping copies of one’s own personal documents (and media files, etc.) off on a USB drive of some kind or another can make ransomeware a very nearly trivial event (yeh, scrubbing a drive and reinstalling the OS can be a minor pain for folks).
SMB v3 has been a part of Windows since Win8/Server2012, which tells me a LOT of folks were still running outdated, unpatched software. Heck, even Win 7 runs SMB 2.1.