So an ambitious hacker used the Wikileaks documents that showed how spy agencies could hack anything at any time to carry out a global ransomware attack. As a result, millions of people, and lots of businesses, hospitals, airports, airlines, mass transit agencies and more were victimized. They were held hostage for money by the ransomware Wanna Cry. We still don’t know what the fallout is, but never the less it was almost a technological apocalypse. If it wasn’t for the quick-thinking of a 22-year-old cybersecurity analyst, who knows what would have happened?
Wanna Cry and Ransomware work by simply locking your computer files and demanding you pay to get them open. If your computer holds essential information for yourself or business, it’s got you. It gets into your computer by downloading malicious files from the internet. So be careful what you are downloading. It just takes one person to create the vulnerability. Regardless of what cyber security software you have. Basically, if you get a popup warning about a file, and you don’t trust the source, don’t allow it to download. It just takes one person to authorize the download and it circumvents the security.
Reset your PC to factory settings or to a backup setting. If you have a backup setting on your PC that allows you to set it back to a specific day and time, use it. If not, or if that doesn’t work, go nuclear. Reset it to factory settings and delete all files. Hopefully, you have a backup hard drive or you saved the important documents on the cloud like google drive. If this PC is for work, hopefully, your IT department has something for backup and recovery. If they don’t, they need to buy something for future incidents.
It was a massive and ambitious attack. Thankfully it was thwarted, but that doesn’t mean people got away unaffected. Hospitals had to turn away patients, this alone should show the gravity of the situation. Things we rely on everyday to just be there and work, and we don’t bother to understand why and how, were not working. The scale of the attack is what is most frightening. Someone did this across multiple countries. There never has been something like that before.
This started because the hacker/s read the leaked documents from the NSA on Wikileaks and decided to act on the vulnerabilities it spotted. Now begins the debate. Should the NSA and spy agencies have that knowledge? Should they have shared it with tech companies to patch their products and solve the vulnerabilities? Can spy agencies keep knowledge like this completely safe? What gives them the right to collect this information? What else could the leaked documents be used for? There needs to be a serious discussion over this, however for the United States, it will be on the back burner of the administration.
Back in the 1950s there used to be nuclear bomb drills, as if hiding under a desk would ever save you. Now in the digital age we do nothing to train people on how to prevent and react to cyber attacks. Your cyber security is as strong as your weakest link. Which is often and employee ignorant of cyber threats. You can have the most expensive cyber security software and people, but that one person who thinks they actually won a free cruise clicks the email, it’s game over. So we need to train non-IT people to be better at preventing cyber threats. That will actually do some good. Cyber terrorism is growing and the cyber security industry is trying to keep up. But giving the average person the skill set to prevent attacks with knowledge and good judgment will carry far.