The United Kingdom was recently hit by a massive ransomware attack that crippled more than 20 percent of hospitals and disabled systems in approximately 74 countries.
The attack appears to have been inadvertently stopped by a 22-year-old computer security researcher in England, according to various news outlets.
Following the attack, many have commented, wondering what could be done to combat this type of threat.
Ransomware is described as a "type of malicious software that infects and restricts access to a computer until a ransom is paid", according to the United States Computer Emergency Readiness Team (US-CERT).
With this going on, US-CERT does state certain practices people should follow:
Advice for WannaCry Ransomware threat
- When clicking directly on links in emails, be careful, even if the sender appears to be someone you know.
- Independently attempt to verify web addresses.
- When opening email attachments be cautious, particularly of compressed or ZIP file attachments.
- Update to latest version as soon as possible and follow the best practices for Server Message Block (SMB)
Practices for patching and phishing
- Make sure applications and operating systems are upgraded with the latest updates. Vulnerable apps and those systems are target for most attacks.
- Be suspicious of phone calls, emails and etc. from individuals asking about information that is unsolicited. If an unknown person claims to be from a legitimate organization then verify it.
- Avoid providing or sharing any personal information, financial information in email when dealing with an unknown entity.
- Be cautious sending sensitive information over before checking a website's security.
- Pay attention to a website's URL. A fake URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
- Install and maintain anti-virus software, firewalls and email filters.
A Software engineer, Quincy Larson, talked with ABC News about how ransomware is usually spread through users' emails.
"If you are going to be infected by ransomware, it will happen when you get an email or some other form of message that's asking you to download and run it, and when that file runs, then usually, the attacker will encrypt your hard drive, or encrypt part of your hard drive so that your computer is still operable and you can continue to use it, but you can't access all your files," Larson told ABC News.
"It's absolutely critical that you install updates to your operating system and to all your software as they become available," Larson added. "One of the reasons why you download the updates is not just for new features but it's also for additional security."
Remember, be vigilant and careful dealing with potential web threats.