8 Tips to Stay Protected in the Age of WannaCry

The WannaCry malware-driven ransomware attacks have come like a sudden storm and as with most disasters, people are left wondering how they can prepare themselves for the next one. Given that WannaCry (also known as WannaCrypt, WanaCrypt0r 2.0 and Wanna Decryptor) is expected to mushroom as newer versions of the malware come out, here are some tips on how you can protect yourself in this increasingly dangerous world – whether WannaCry grows or dies out.

Ransomware is just one manifestation of cyberattacks, and in an era where cyberattacks on systems like power grids (and even airplanes) are a form of both warfare and a lucrative business for international crime syndicates, such headlines won’t end. And the more you do online and especially transact online – for instance, the Indian government’s focus on going digital and cashless is all about online transactions – you will increasingly face such dangers. It’s important you stay aware and as best protected as you can.

In this case, many systems running Windows XP have been affected. Windows XP runs around 60 percent of Indian ATMs, and I’ve noticed that even transportation systems like Mumbai Monorail’s rakes use Windows XP. A panchayat in Kerala has reportedly been infected with the WannaCry malware and there are reports of the West Bengal Electricity Board being affected. So, even if your system doesn’t go down, you may face difficulties, like ATM networks going on the blink and citizen and utility services coming to a standstill.

You’ve got life insurance and medical insurance, right? That’s because we see death and sudden illness as risks. It’s time you see cybersecurity as a similar risk. And therefore, see investment in a security solution (whether it’s for a single PC, a smartphone, or a small company) as an investment that will pay off during the unexpected, because such attacks never come with a warning. And if you are a home user, some of the free options are quite good too.

The only way out for those hit by WannaCry is to ensure removal of the malware from their system and use backed-up data to get back to work. Data encrypted by the malware cannot be recovered and there’s no evidence that the criminals behind the malware are sending keys even if you pay them the ransom. And while cloud back-up is an excellent option, get yourself offline backup too to ensure all your data is backed up to a secondary location. Try and back-up at least once a week, or simply use apps that can ensure automated back-ups.

Whatever operating system you use, make sure auto-updates are on, or at least make sure you follow update releases and install the latest software. Microsoft released an update that patched the vulnerability that WannaCry exploited way back in March. But it’s clear many organisations and users didn’t bother to install the update. And the result is clear for all to see.

Sure, WannaCry doesn’t affect MacOS (in fact, it doesn’t affect Windows 10 either), but ransomware has been found even for MacOS and mobile OSes like Android. In fact, if you get overconfident, the bad guys can use it in attacks that leverage social engineering.

For those on Windows XP and Windows 8 and using pirated software, the Microsoft patch can still be used. However, on a regular basis, you will not have access to auto updates if you use pirated software. Given the high degree of cyber risks, it simply doesn’t make sense to save a few rupees and use pirated software.

There are many options that are now available on a pay-as-you-go, Software-as-a-Service basis. You don’t need to make massive up-front investments. Security as a service is here to stay and in an era of automated threats like Wannacry you should ensure your security is automated too, and responds in real-time to proactively protect your business.