Things have cooled down quite a bit since the recent outbreak of ransomware that you might have heard about. In summary, WannaCry (aka WCry, WannaCrypt, etc.) is a virus that uses a security exploit in Windows operating systems that allows it to encrypt the precious ‘research material’ files on your computer, locking you out of them until you pay up.
It’s been a real shitstorm for me, dealing with client concerns and checking WSUS (software used by businesses to monitor and roll out Windows updates) at every site. So here’s a reminder to keep your OS up to date, especially if you use Windows. You’ll want to make sure that you’ve got everything from Microsoft Security Bulletin MS17-017 that applies to you, which should appear in Windows Update as the “March 2017 Security Monthly Quality Rollup for #####”, and while you’re at it, make sure you’ve got the April and May updates as well. Remember to stay up to date – given the scale of this incident and its influence, I would strongly suggest that you install security updates as soon as they are made available. If you run Windows 10, the almighty Microsoft forces these updates on you like a dictator, hooray!
For those out there who may argue that patches break stability and cause issues, I’d seriously weigh up the arguments for each side. When shit hits the fan, it’s a lot easier to tell clients (or whomever) that they’re protected, rather than have to deal with the issue under pressure. And… backups should be there so that you can roll back if necessary. It’s also worth doing some research on each patch, just to make sure that it doesn’t pose any major issues.
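A way to run that patch check from PowerShell rather than by eye in Windows Update, as an added example that is not from the original post. The function name `Test-PatchBaseline` is hypothetical and the KB numbers are placeholders; take the real ones for your Windows version from the bulletin and from the April and May rollups.

```powershell
# Added example, not from the original post.
# Placeholder KB IDs: replace with the KB numbers of the March, April and May
# 2017 rollups for your Windows version. Any ONE of them satisfies the check,
# because each monthly rollup includes the fixes of the earlier ones.
$AcceptableKb = @('KB0000001', 'KB0000002', 'KB0000003')

function Test-PatchBaseline {
    [CmdletBinding()]
    param(
        [string[]] $ComputerName = @($env:COMPUTERNAME),
        [Parameter(Mandatory)] [string[]] $AcceptableKb,
        [datetime] $Since = [datetime]'2017-03-01'
    )
    foreach ($computer in $ComputerName) {
        try {
            $fixes = @(Get-HotFix -ComputerName $computer -ErrorAction Stop)
        } catch {
            # Host offline or remote query blocked: report it, do not assume patched.
            [pscustomobject]@{ Computer = $computer; Status = 'Unreachable'
                               MatchedKb = $null; LastInstalled = $null }
            continue
        }
        $matched = @($fixes | Where-Object { $AcceptableKb -contains $_.HotFixID })
        # InstalledOn can be empty for some entries, so filter before sorting.
        $last = $fixes | Where-Object { $_.InstalledOn } |
                ForEach-Object { $_.InstalledOn } |
                Sort-Object | Select-Object -Last 1

        $status = if ($matched.Count -gt 0) {
            'Patched'                      # a listed rollup is installed
        } elseif ($last -and $last -ge $Since) {
            'Review'                       # updated recently, but no listed KB found
        } else {
            'Missing'                      # nothing installed since the cutoff
        }
        [pscustomobject]@{
            Computer      = $computer
            Status        = $status
            MatchedKb     = ($matched.HotFixID -join ',')
            LastInstalled = $last
        }
    }
}

# Local machine by default; pass -ComputerName for a list of hosts.
Test-PatchBaseline -AcceptableKb $AcceptableKb | Format-Table -AutoSize
```

`InstalledOn` is the date an update was installed, not the date it was released, so a `Review` result still needs a look at which updates are actually present.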
While I’m on this topic, I think it’s important to stress the need for backups as well. While a copy of vital data on a USB stick is all well and good, it’s not much good if it isn’t regularly updated. It’s better to use backup software such as ShadowProtect or Ashampoo Backup to keep daily (or even more frequent depending on your needs) incremental backups on an external hard drive, network location, or in the cloud. This way, even if a computer is compromised or decides to retire itself, the data is somewhere else. Best practice would also involve keeping a regular copy of those backups in some off-site, offline location, though that’s probably going too far for home use.
Another tip would be to use a standard user account, and only use an administrator account for elevations (Run as administrator) when necessary. This can stop potentially damaging software from causing overly serious damage to the OS.
Finally, set your anti-virus or firewall alerts to ‘verbose’ and ‘interactive’ if it doesn’t bother you too much. It’s helpful to know what goes on in your filesystem, and what changes each application makes to it and the registry. ESET does a great job of this, and their software can be set to show and prompt for every registry, network or filesystem access.
There’s much more you can do to keep yourself safe in the modern threat landscape, and the power to do it is always in your hands. For those with managed IT systems, you can always do your own checks and liaise with IT to make sure you’re protected as well as possible. Of course, security is sometimes an illusion given that the NSA or bloody communists might have access to everything, and if you do feel that there’s something fishy going on, the best protection is to keep a tin-foil hat on your head at all times, and to lock everything you own inside a Faraday cage.