Last week, something inconceivable happened: 150 countries were attacked with ransomware. And not just any kind of ransomware. According to CNN Tech, this ransomware seeks out vulnerabilities in older Windows operating systems to worm its way in. If you’re not familiar with the term ransomware, let me clue you in. Ransomware is a specific type of malware meant to infect its victims by locking files and demanding payment (ransom) to unlock those files. In some cases, the payment goes up if the amount demanded is not paid by a certain time.
This new and rapidly-spreading ransomware, aptly named WannaCry (aka: WanaCry, WannaCrypt), blindsided everyone. In a matter of seven hours, thousands of systems were infected all over the world. This included Canada as the map created by the New York Times suggests.
It is clear from all the research that older and unsupported Windows operating systems are vulnerable to these attacks, resulting in businesses coming to a grinding halt, information being potentially compromised, and ransom being paid to these criminals. This is the last thing anyone wants and it’s a lot more damaging than anyone can afford. Below are three strategies to help protect you against this ransomware attack and other attacks that may be coming down the line.
Related article: How to Recognize and Avoid Ransomware
The protests to the resounding recommendation of upgrading and updating the XP system are astounding.
Big corporations are taking advantage of the little guy.
Windows retired XP when it was at the top of its game.
I don’t need a system upgrade. Windows XP gives me everything I need.
I’m not going to argue with you on any of these points, and if you agree with one or all of them, you are most certainly entitled to your opinion. But I think it’s fair to point out that those opinions have to be put aside when it comes to your patients’ personal and medical records. You have a responsibility as a dental care professional to protect your patient’s information. Can you really afford to let your opinion get in the way of that?
And what about the normal function of your practice? CNN Tech recently reported that sixteen NHS run hospitals had “cancelled outpatient appointments and told people to avoid emergency departments if possible.” Why? They did not take the proper precautions to protect themselves from the newest form of ransomware. The Guardian reported that “many NHS trusts still use Windows XP, a version of Microsoft’s operating system that has not received publicly available security updates for half a decade, and even those which are running on newer operating systems are often sporadically maintained.”
If you are running an older Windows operating system (XP, 2003) or unsupported operating system (Windows 8), then your chances of being hacked are extremely high, and the recommendation that has come up more than all the others is– upgrade. The cold hard truth is that you are susceptible to the WannaCry threat along with many other malware threats that use vulnerabilities in older systems to get in and wreak havoc. A Wired article describes still using Windows XP accurately enough as “a castle with no moat, portcullis raised, doors flung open, greeting the ravaging hoards with wine spritzers and jam.”
Those running Windows 7 and 8.1 are not safe, either unless they are being regularly updated. Enable your automatic updates and let Microsoft do its job and keep your system protected.
If you are running Windows 10, you are safe from WannaCry . . . for now. But that should not stop you from continuing to update regularly. I know it’s a pain. I know Windows can be extremely pushy with their updates. I know because I have a Windows 10 laptop with important information on it I cannot afford to lose so I keep my automatic updates enabled. Your patient’s information is too important. If your automatic updates are disabled, I do recommend enabling them, or if you just can’t handle the interference, remember to manually update as soon as it’s necessary.
I’m not saying that these vulnerabilities in older and unsupported systems are the only opening available to these types of malware, but it is a very important opening that you should immediately think about closing.
- Practice vigilance on the internet
Most research suggests that this particular type of ransomware, although able to take advantage of the vulnerabilities in older Windows operating systems also spread through malicious emails and links. So, another line of defence to keep in your arsenal is practicing vigilance with any and all unknown emails and links you come across. The simplest advice I can give you is this: Don’t know, don’t click. This will protect you from phishing emails and malicious links that happen to land in your email or even on the internet.
- Backup, backup, backup!
Feels a little like deja vu, it should. We have been down this road before when another kind of ransomware attacked several office computers. As has been mentioned before, your biggest, not to mention, the smartest line of defence against all ransomware or any other kind of malware, is to backup, backup, backup. Backup your data onto a separate drive or the cloud. Maxident even offers MaxiVault for those wanting to keep their information safely stored off-site complete with experienced technicians to watch over it. There is no bad way to backup. And think about it, if the worst should happen, you haven’t lost anything and, with the help of your tech, can reformat your drive, restore all your files and be back up and running in no time.
It is incredibly disappointing to say that this is not the last threat we will see. However, if you outfit your computers with the proper upgrades and continually update; if you practice vigilance on the internet either when browsing or checking email; and you prepare for the worst by backing up all your information, these threats will not have a damaging impact on your practice and you will not have to panic upon hearing about yet another malware attack.
For more information and resources to check out, please don’t hesitate to check out the links below.
- CNN Tech: Massive cyberattack targeting 99 countries causes sweeping havoc
- CNN Tech: NSA’s powerful Windows hacking tools leaked online
- ZDnet: How to defend yourself against the WannaCrypt global ransomware attack
- ZDnet: Ransomware attack: The second wave is coming, so get ready now
- New York Times: Animated Map of How Tens of Thousands of Computers Were Infected With Ransomware
- Wired: If You Still Use Windows XP, Prepare For the Worst
- The Toronto Star: What is malware and ransomware?
- The Guardian: Cyberattack wave ebbs, but experts see risk of more