Cyber threats and what to do to protect yourself and your business

Panic struck across the globe on Friday, May 12 when a ransomware cyber attack, calculated to extort money from targeted individuals and organizations, afflicted tens of thousands of computers world-wide. This recent attack was broad reaching but experts say it will not be the last of its kind.

Hospitals, companies, universities and governments across at least 150 countries were hit when the cyber attack locked up computer data and the hackers demanded payments in the amount of 300 Bitcoin, in exchange for restoring access.  (Bitcoin is a digital currency whose single unit value was estimated to be worth about $1,860 US on the day of the May 12 attack.)

According to Europol, the European Union’s law enforcement agency, the May attack was facilitated by a new viral strain which technicians have dubbed WannaCry.  It’s a version of ransomware which is named for the way cyber criminals capture computer data and demand money in exchange for restoring the target’s digital data. WannaCry targeted the Microsoft Windows operating system. And although Microsoft created a patch in its software to guard against the virus earlier this year, they did not provide it to customers using slightly older, unsupported Microsoft operating systems. That left tens of thousands of computers and networks at tremendous risk including Britain’s National Health Service, its patients and the general public. Microsoft has since announced that it will provide greater security support for its slightly older technology.

Here are some simple steps that computer users and network administrators should do to reduce the risk of cyber crime against themselves and their businesses:

1. When you get a notification from the manufacturer of your operating system about a software update that contains a security update, do the update immediately. There are many security tools (‘patches’) that come with those updates that are built to withstand the latest cyber threats.

2. Store all of your computer data in backup drives that are not connected to your computer such as portable backup drives that you disconnect after saving, or an internet backup server such as iCloud, Google Drive, Dropbox, Mega, or Tresorit, to name a few.

3. Two-factor authentication (2FA) adds a second level of security. In addition to a username and password, 2FA requires anyone logging in to your account — whether you or someone else — to have a third credential before being able to access the account.  That could be a PIN number, another password, even a  fingerprint or iris scan which is unique to you.

4. Download and install anti-malware software from a reputable source, such as Malwarebytes.

5. Make sure to download the most up-to-date firewall and anti-virus technologies available.

6. Avoid downloading any program/software from the internet when you are unsure of the origin or credibility.

7. Never conduct confidential business over unsecured wifi services in a coffee shop or other public spaces.