The Latest Ransomware Attack Proves We Must Be More Vigilant
The alarming news that criminal hackers released a new strain of ransomware, WannaCry (WanaCrypt0r 2.0), that spreads itself automatically across all workstations in a network has been hard to miss over the past few days. Disguised as a phishing email attachment, this ransomware is causing a cyber pandemic.
From FedEx to Nissan to hospitals in the UK, hundreds of thousands of machines have been infected in more than 150 countries. Those numbers were only expected to rise as people started their work week.
“This is the biggest and most explosive ransomware attack on record,” says Adam Levin, CyberScout founder and author of Swiped. “This is a wake-up call that businesses can’t just rely on the patch-and-pray method of securing systems and that government agencies can’t just exploit backdoors in the name of national security. That’s because these can often be the gateway to making us all targets of cyberattacks. Since ransomware is on the rise and a tool of choice by cybercriminals, consumers should be on high alert for phishing schemes.”
What is WannaCry?
As many have learned, ransomware starts with an unsolicited email, which is designed to trick you into clicking on an attachment or visiting a website. The ransomware takes advantage of flaws in a computer’s operating system to force it to run the ransomware code. It then encrypts important files on the system and demands a payment using the digital currency bitcoin. The WannaCry ransomware uses a flaw in Windows to replicate itself and spreads across an entire computer network. The ransom starts at $300 for the first six hours. You’ve got up to three days to pay before it doubles to $600. If you don’t pay within a week, the ransomware threatens to completely delete the files.
“This one took advantage of a vulnerability discovered with Microsoft and, in particular, older versions of the software,” says Levin. “There are many parts of the world, like Asia, Russia, and Europe, where people are using pirated versions of Microsoft as well as outdated versions of the software. That’s why it was able to spread so quickly.
“The reason why it hasn’t yet hit the U.S. with such force as it has in other parts of the world is because the U.S. tends to be more aggressive in updating,” he continues. “However, this is a warning to those who ignore those updates. You can’t just flick it aside like it’s a mosquito because it interrupts your day. Failure to update will create a far greater interruption to your day. When the company upgrades its software and no longer supports the version you are using, you have a problem. There is no greater illustration of that problem than what is happening right now across the world. It's why updates and upgrades are so important. This recent attack shows with granularity what can happen.”
If you’re suspicious of an update notification thinking it might be malware or a phishing attack, you can easily verify by going to the software provider’s website. “Never trust. Always verify!” says Levin. “Because, at the end of the day, the person who stands to lose the most is you.”
What do you need to do?
- Never click on links and attachments. Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it and delete the entire email. When you are in doubt about an email, throw it out.
- Secure your devices with the most up-to-date antivirus software. “That may also mean your mobile devices,” says Levin. “Think of how many people hook into their systems using a mobile device, and that mobile device may also have unverified apps that have been downloaded.”
- Always back up your data and have a strong recovery program for your data. “There are third-party providers out there that will offer off-site storage – specifically, for situations like this when you have a ransomware attack. You can wipe the hard drives clean and essentially press a button and get your data restored,” he says.
- Make sure all the latest Windows security updates are installed on your computer. If you are unable to install all Windows updates, you should at least install the updates discussed in the Microsoft Security Bulletin MS17-010.
What about ag?
While there have been no reports of agriculture companies being affected by WannaCry that’s not to say the industry is not at risk. It’s not a matter of if agriculture will become a victim but rather when. Protecting your system from a phishing email attack has never been more urgent.
“Ransomware is not about what your data is worth to someone else,” says Levin. “It operates solely on the principal of what your data is worth to you and what the absence of that data in your life or your business is going to do to you.”
He cites a recent article that appeared in the New York Times that talked about a small manufacturing firm in the Midwest. “It said nobody thought anything about what would happen if a little company got breached,” says Levin. “Because this little company had big customers, it had to realize the fact that it was a target. A lot of times, the big business has beefed up security. However, a smaller business either can’t afford it, doesn’t know enough about it, or doesn’t believe it can do anything about it anyway.”
If you think your information is not at risk because a cybercriminal couldn't possibly care about what is on your system, Levin says to think again.
“The one message I try to leave people with, including farmers, is when it comes to hackers and scammers, we are all Kim Kardashians. We have what they want,” he says. “You have to worry about this. You have to worry about who you have relationships with and how your data is being protected. You need to know what recourse you have if the data is breached. You also have to be watching your own systems. Could somebody be crawling around in your systems and getting trade secrets, intellectual properties, or soil data? You can’t rely on the premise that you're too small for someone like a hacker or scammer to be interested in you.”
As agriculture continues to become more digitized, that vulnerability will only increase. “The other issue you have in farming is that it’s very decentralized, which is somewhat similar to the health care system,” says Levin. “Think about every device you may have as part of your business and home that are linked to the IoT. Not only is it your responsibility to monitor your own systems, but you must also read the fine print of a provider’s contract to see where that company’s liabiability ends and yours begins.”
Levin says in order to combat this issue, you need to approach it on three levels.
- “Businesses have to get far more aggressive at looking at vulnerabilities and patching them as quickly as possible,” he says.
- “Consumers have to understand the fact that they are in partnership with business and government,” Levin explains. “When you are notified that there is an update, you have to do that update. You can’t say I’ll do it tomorrow, because what we’re seeing right now is what happens when you put it off until tomorrow.”
- “The government has to be far more forthcoming in sharing threat assessments with businesses,” he says. “Even if the government doesn’t want to share threats with the public, at the very least, it has to share them with businesses when a vulnerability is discovered.”