Be aware, Be safe
Published: 14/06/2017 12:00 pm
Tariq Hilal al Barwani, founder of Knowledge Oman, talks about ransomware and ways to counter such attacks
What is ransomware?
Ransomware is nothing but a malicious software that locks your computer (an infected computer) as a hostage and demands you pay to the author of the software in order for the computer in question to be let free and accessible by the user/victim. Ransomware is a form of virus that mainly works at blocking the infected device's access and then depending on how the software was created, it first encrypts (as in scrambles the data so it becomes unreadable) and then forbids the user from using the computer until some form of action (which is mostly payment) is done to the author of the software.
There are many forms of ransomware today and these attacks have been wide since 2005 yet every new version of course has a new technique to spread, distribute itself, infect and lock computers away by encrypting data and only decrypt once paid by the victims (without any guarantee of course). CryptoLocker back in 2013 was among the notorious versions of ransomware. Two of the most common ways in which ransomware works is 1) encrypts files, folders and hard drives OR 2) lock users out of the devices until payment is done.
Why was the recent ransomware attack so impactful?
The recent ransomware attack (WannaCry) is by far the largest attack as it infected and impacted more than hundreds of thousands of computers worldwide. The ransomware brought many computers from individuals to private and public institutions from various industries that include hospitals, schools, banks and telecommunications companies to a halt. People using these computers were locked out from using their data and a message was displayed demanding the victims from paying money in order to gain access or lose everything as a result of ignorance. WannaCry is considered more dangerous because it managed to utilize a bug found in the most widely used operating system in the world today, Microsoft Windows. Almost every small, medium and large local and multinational organisations today use Windows. Ransomware as shared above is not new yet every new version or variants is enhanced to do more cruel and impact to computers needless to mention spread faster and wider across the globe.
How was it stopped?
It was not stopped, but it was 'killed' to prevent it from spreading further. So all machines that were infected remain infected.
What are the other major online threats?
There are many online threats actually yet the major ones are 1) ransomware, 2) browser plugins hacks and 3) data breaching. Ransomware locks users out of their machines and demands payment, browser hacks happens as many users download plugins which may be hacked and as result attacked and lastly data breaching is when hackers gain access to sensitive information from computers be it individual or corporates due to weak security measures and infrastructure in place.
Will these ever stop?
No. They will in fact get smarter and more sophisticated especially with new forms of connectivity to the internet and smart technologies. Hackers find these attacks as the most effective ways to make money apart from disrupting the systems in anyway.
What can companies and individuals do to protect themselves from such attacks?
New forms of ransomware viruses appear on a periodical basis and the best way to protect oneself is to educate oneself and be aware. Most of these attacks depend highly on weakness from the computer systems and/or the users themselves. By protecting the computer systems and ensuring users are knowledgable, it becomes almost impossible for the attacks to penetrate in.
Everyday is a new day for these hackers and it is vital to ensure users and the systems are updated in terms of knowledge and patches/fixes. In fact Microsoft did release a patch/fix few months before the attack but many neglected and as a consequence the attack made it into the systems.