Ransomware Attack: 5 Things You Should Know About Cybersecurity

NEW YORK CITY, NY — The massive cyberattack that swept across the globe in recent days has begun to slow down, but it has revealed the vulnerability of much of the world's vital information infrastructure and the potentially devastating cost. Using ransomware known as WannaCry, hackers locked users and institutions out of their computers unless they paid a fee of $300 in bitcoin.

According to the White House, the attack affected more than 300,000 computers."The good news is the infection rates have slowed over the weekend," said Homeland Security Advisor Tom Bossert. He added that around $70,000 had been paid in ransom, but the White House was not aware of any individuals regaining full access to their data.

And while there's an update to Windows that will protect users against future attacks of this sort, hackers and scammers are always innovating to find more and different ways to use our information technology against us. So how can individuals and countries protect themselves against future attacks?

Here's what you should know.

1. Keep your software and operating system updated.

Despite the breadth of the recent attack, anyone who had the most recent updates to their operating system was relatively safe. Microsoft knew about the vulnerability that allowed the ransomware to proliferate and had created a patch to prevent the cyberattack, but systems without the patch, which, it turns out, were plentiful, became potential targets.

"The best thing a person can do is keep their operating system up to date with all known patches," said Alex Heid, chief research research office of SecurityScorecard, a computer security service in New York City.

Everyone hates having to install constant updates to their computers, of course — but it's much worse to find your computer has been taken over by ransomware. And though the most recent incarnation of this worm mostly targeted people through vulnerabilities in users' operating systems, others can come through outdated versions of web browsers or browser plugins, so these must be consistently updated as well.

2. Use strong passwords and anti-virus software

Anti-virus software is also a strong line of defense against potential cyberattacks. Though they can only protect against viruses and vulnerabilities that have already been discovered, they will still significantly lower your risk of being infected.

Also standard advice, but always important to remember: Keep your passwords strong by using a unique combinations of letters, numbers and symbols, and remember to change them periodically. Avoid, at all costs, simple and predictable passwords like your birthday or simple numeric patterns.

3. Beware of suspicious emails

Train yourself to become suspicious of any unsolicited emails — particularly those with attachments or links. Often, phishing emails will pretend to be companies and ask you to enter personal information, though if you check the sender's email address, it's frequently does not use the actual company's URL.

Learn more about how to avoid phishing scams.

But unsafe emails can also come from people you know. The recent Google Docs scam spammed users' contacts lists, so victims usually received the unsafe links from people they knew. There's no surefire way to prevent being tricked by these types of scams, as every variant will be different, but users should regard skeptically any email-based requests to open attachments or click links that are unusual.

4. Back up your valuable content frequently.

One habit that would have helped many victims of the recent WannaCry ransomware is backing up your data. As long as you have your data backed up on the cloud or on a hard drive separate from your computer, it should be protected in these types of attacks. However, the trick is maintaining a consist habit of creating backups of your most important files, because you never know when a cyberattack will strike.

5. These attacks will only continue

But we can be certain of one thing: There will be more attacks like the one the world experienced this weekend.

"It’s a new era when it comes to hacking attacks," said Heid.

Heid noted that the National Security Agency appears to have played a role in discovering the vulnerability that the hackers used to launch WannaCry over the weekend.

"It’s essentially an arms race," he said. "It’s a given that governments are going to participate in this kind of research."

He added: "What’s concerning is when these tools aren’t being properly guarded. And then they’re being leaked to the public."

Photo by Michael Bocchieri/Getty Images News/Getty Images