Takeaways From the WannaCry Ransomware Attack

When ransomware makes the front page of newspapers, it’s both a curse and a blessing. The bad news is that thousands of people are affected with data loss and days or weeks of undoing the damage. The good news is that the devastating losses remind readers to protect themselves against malware.

Just under three weeks ago, what was possibly the largest cyberattack in history took place when WannaCry ransomware spread to over 230,000 computers. With organizations like Britain’s National Health Service, Nissan, and FedEx having services disrupted, WannaCry captured the world’s attention.

A Perfect Storm Led to Massive Data Loss

WannaCry had several unique features which made the story blow up. For one, the malware could spread throughout a network using an exploit that the National Security Agency of the United States discovered in older Windows Operating Systems.

Only one person on a network had to accidentally download the ransomware and it would spread to other connected computers. When WannaCry spread laterally through an organization, it infected every computer that was not up to date.

This led to worldwide finger pointing and passing the buck. The British public wondered why their health system was using unsupported Windows software that malware could so easily exploit. Microsoft blamed the NSA for “stockpiling” exploits that were later leaked to the public.

Victims asked why Microsoft didn’t release a patch for older operating systems once they learned of the NSA exploit kit (the company did take the highly unusual step of releasing a patch for older systems in the wake of the WannaCry attack). Government officials looked for the culprit, as the general public grew weary of sophisticated, crippling, and possibly state-sponsored malware attacks.

Modest Profits, Untold Damage

Infections of WannaCry have slowed to a trickle since widespread attention and the Microsoft patch have led to most systems being updated. After infecting over 230,000 computers, the total amount of ransom money collected by the attackers sits at $120,768.

The damage, on the other hand, is incalculable. The NHS had to cancel appointments and divert patients for everything but emergencies while they grappled with the problem. Nissan and French automaker Renault had to close some manufacturing plants to halt the spread of WannaCry.

The full extent of what was lost will likely never be known (nor is it possible to calculate the value of lost personal files, like photos and videos), but due to the sheer number of machines affected, it must be in the millions of dollars.

What Can We Learn From WannaCry?

As we said at the start, the one positive thing about a devastating ransomware attack is that it reminds us to protect ourselves. Let’s not waste the opportunity. Here’s what you can do to guard against malware.

• Always update software to quickly patch vulnerabilities. If you’re using unsupported software, know that you will perpetually be at risk for exploit kits infecting your computer.
• Run an antivirus program to weed out and detect malware.
• Never click on suspicious links or attachments in emails.
• Protect against damage by frequently backing up your files.

Backing up files is the one foolproof defense against data loss from ransomware. If you have current backups of your files, you can wipe ransomware from your machine and reinstall everything fresh without even considering paying a ransom.

The internet is a dangerous place, but a little common sense goes a long way toward protecting your data. Follow the above steps and keep your files safe.