This weekend's global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said.
Here are five tips to make yourself a less-likely victim:
MAKE SAFE AND SECURE BACKUPS
Once your files are encrypted, your options are limited. Recovery from backups is one of them. "Unfortunately, most people don't have them," said Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com.
Backups often are also out of date and missing critical information. With this attack, Abrams recommends trying to recover the "shadow volume" copies some versions of Windows have.
Some ransomware can target backup files, though.
You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It's a good idea to back up files to a drive that remains entirely disconnected from your network.
UPDATE AND PATCH YOUR SYSTEMS
The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability.
"Hopefully, people are learning how important it is to apply these patches," said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack. "I hope that if another attack occurs, the damage will be a lot less."
The virus targeted computers using Windows XP, as well as Windows 7 and 8, all of which Microsoft stopped servicing years ago. Yet in an unusual step, they released a patch for those older systems because of the magnitude of the outbreak.
USE ANTIVIRUS SOFTWARE
Using antivirus software will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these pests. Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus software is frequently days behind detecting it.
EDUCATE YOUR WORKFORCE
Basic protocol such as stressing that workers shouldn't click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don't have unnecessary access to parts of the network that aren't critical to their work. This helps limit the spread of ransomware if hackers do get into your system.
IF HIT, DON'T WAIT AND SEE
Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don't be fooled.
If you're facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There's also no guarantee all files will be restored. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.