What You Can Do About Ransomware

Image of computer code with a lock in front of it

A ransomware attack that is called WannaCry has affected over 200,000 Windows PCs in 150 countries. And the attack continues. Nonprofit, church, library, and foundation offices are vulnerable to this malware.

Malware can disable your IT (information technology) system until a ransom is paid. Here is more information about how you can protect your organization.

What Is Ransomware?

Ransomware is malware that comes into an IT network mainly when computer users open an unknown email attachment or click on a web link. The malware disables and encrypts the files in the IT system. Then the malware demands payment, usually in Bitcoin.

WannaCry Ransomware

The WannaCry malware is the latest ransomware attack in a series of them. This computer virus is also known as WannaCrypt, Wana Decryptor, or WCry. This particular type of ransomware uses a weakness in the Microsoft Server file system to attack.

Apple products and systems that are based on Linux or Unix operating systems are not at risk, unless they run Windows System Emulator. Infected users are presented with a screen that demands a $300 to $600 payment to restore their files.

How to Protect Your IT System

We recommend these actions to help keep you safe from ransomware attacks.

1. Use These Microsoft Resources

2. Back Up Your Critical Data and Documents

If malware attacks your organization, it is essential to have your important data and documents backed up. Your data and documents should be stored in the cloud or on a hard drive that is not connected to your IT system. After an attack, your computers or servers may need to be re-imaged. (Their files may need to be restored from a backup.) TechSoup offers services for cloud storage, such as the Box donation program.

3. Update All Your Windows Software and Enable Automatic Updates

Because WannaCry malware attacks Windows operating systems, it is important to run Windows Update on all Windows devices. It is also essential to run Windows Update on Windows Server software and enable automatic updates on all Windows devices.

Do your organization's computers run old versions of Windows like XP or Server 2003? These software versions are unsupported by Microsoft. This means that security updates are no longer issued for them. It's a very good idea to upgrade to supported versions if you can, such as Windows 10 and Windows Server 2016.

4. Don't Use Pirated Software

If your organization has non-legal or pirated software, this is a major security risk for your office. This is especially true for operating systems like Microsoft Windows or Windows Server. Pirated software is not updated by its original maker, and so has security vulnerabilities that malware can easily exploit. To have any amount of cybersecurity, it is very important for your office to have authentic and properly licensed software that is updated regularly.

5. Use Antivirus Software and Keep It Up to Date

It is important to have antivirus and malware protection software for your IT system that is up to date. This type of protection is designed to stop cyberattacks before they infect your IT system. The Bitdefender donation program through TechSoup provides antivirus and security software.

6. Be Very Careful with Email

Email is one of the main infection methods of all malware and specifically of WannaCry ransomware. Be careful of unexpected emails, especially if they contain links or attachments. If you find a suspicious link, before you click on it, you can go to the free virustotal.com service. It will tell you whether or not it has been reported as a dangerous link.

Also, be extremely careful of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.

7. Enable the File Extensions Option in Windows Settings

There are particular file types that pose the greatest security risk to all users. It is helpful to see what kinds of files you have been asked to open. File extensions like .exe, .vbs, and .scr are the dangerous ones. To be able to see file extensions, enable them in Windows Settings.

8. If Your Computer Does Get Infected with Ransomware …

If your computer becomes infected, shut it down and disconnect it from the Internet and your network. This limits the spread of the infection. Also, cybersecurity experts say that you should not pay the ransom. Avoid that if you can. The alternative, to rebuild infected machines, is not great either. However, it does make it less likely that cyber blackmailers will come back.

Unfortunately, new WannaCry ransomware variants are expected to appear in the future. And new malware of other types will also try to attack our IT systems. However, the seven points that we have described above will help to protect your IT system against future online threats.

Image: portal gda / CC BY-NC-SA

This work is published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.