About Those Cyber-Attacks

World-wide cyber-attacks disrupted commercial enterprises, hospitals, and other institutions last week. The culprit: ransomware. Apparently it's a kind of evil software that infects a computer and holds the data of said computer ransom. If the owner doesn't pay a sum of money to the hacker behind the ransomware attack, the data will be erased from the computer. Last week's attack targeted organizations that employ computer networks. Once inside the network, the ransomware spread to all its computers. Companies such as Fedex were told to pay up or have their data erased.

This is serious stuff. While ransomware isn't new, the broad-based extent of these attacks is. Some organizations have been advised to simply pay up, as fixes aren't readily forthcoming. Others apparently have attempted to battle the ransomware before conceding defeat. The full extent of the disruption of these attacks will likely not come to light. If an organization pays up, they probably won't share the details with the public. If they fight the hack and fail, they're not likely to fess up. If they fight the hack and succeed, maybe they'll brag about it. But they're not likely to say just what they did that succeeded, so as not to reveal their "secret" to the hackers.

Okay, so what's it all mean to us ordinary folks and our laptops and other devices? Not being an expert, and having meager technical knowledge and skills, I'm reluctant to say too much here. But if we break down the threat into its component parts, we might be able to learn some lessons that could prove helpful in preventing such an attack from holding us ransom. 

First of all, know that hackers exploit vulnerabilities in your computer's operating system. These vulnerabilities are like little (or big) windows through which the thieves can crawl and steal your stuff, or, in the case of ransomware, hold it ransom. If you've ever had your house broken into by thieves who came in through a window (or even if it's not happened to your house), you can easily picture this. In the case of a house, you can install an alarm system, or even put bars over any vulnerable windows. In the case of your computer, there are two basic methods of either making sure the windows are locked, or being warned if they're broken into.

 Installing and updating anti-virus protection would be one obvious method. The other, even more fundamental way is updating your operating system as updates are made available. Note the key word: updated. Updating requires a certain discipline. For example, if you own any kind of device, you likely know that the operating system needs updating. A Windows-based system, the operating system targeted in this latest and greatest hack will need updating from time to time. Microsoft (the creator and distributor of Windows) provides updates as they deem prudent. The same applies, of course, to Apple's various OS (Operating Systems). Do you have your device programmed to alert you when updates are made available? If not, do so. Once you get that in order, you need to respond to the notifications and - you guessed it - actually perform the update. This typically nothing more than a few clicks, so there's not excuse not to do this in a timely fashion.

You'd be surprised how many people don't do this. Oh, you're not surprised? In fact, you're one of them? Okay, I've been guilty of this in the past too. But it's just so easy to do these days, you really have no excuse.

Updating your operating system will help you avoid much pain and sorrow, since many updates close vulnerabilities (those potential open windows) in the system. The same updating discipline obviously applies to any anti-virus software you've installed. As for the anti-virus software, it will serve as an alarm that both warns you of an attack and provides a way to fight back. When the updates are provided, download and install ASAP. Again, a few clicks won't tax you too much (I hope!). Got it?

These updates are created both in response to existing threats, and in anticipation of future threats. Unfortunately, hackers are generally one step ahead of the rest of mankind. Their peculiar talent is to be able to overcome or circumvent all attempts at prevention. Many of them make a pretty good living doing this as paid minions of governments or corporations. Governments employ them to attack other governments. Corporations employ them to attack other corporations. Why they do this you can imagine. The important thing is that they provide employment opportunities of hackers, who gladly do their bidding.

At this point, naturally, we can conclude that even with our diligent efforts to update our operating systems and anti-virus software, hackers will gain the upper hand. And, sadly, that's likely the case. However, there is one more step that we all need to take, and it will at least provide some substantive defense against cyber-attacks: Back up your data.

Again, too many of us don't do this, for a whole host of reasons: laziness, don't know how, don't care, and so on. And, again, I was guilty of this for many years. And, yes, as you've likely heard from others who've suffered the consequences of loss of data, it took such a loss to give me religion here. Whether you've lost data because your hard drive failed, your computer crashed, you lost or had you laptop stolen - whatever the reason, I assure you the trauma of losing data can serve as a motivator for regularly backing up your data.

Surprisingly, many folks with tech skills - who should obviously know better - are guilty of not backing up their data. But don't let this serve as an excuse not to do anything. Of course not! Wise one that you are, you'll be sure to make backing up your data an integral part of your life. And, as you may suspect, it's not really hard to do, so there's no excuse.

You can find cloud-based services for a very reasonable fee who will provide ongoing back-up of all your data. You pay them and they do the rest. You can also back up your data on a separate hard drive. And you may not need a bulky or expensive hard drive here. A simple flash drive might suffice for many of us. Stick the thing into your USB port, click a few times, and - voila! - you've got a hard, local copy of your data. In fact, you can take a "belts and suspenders" approach and do both. Once you get into the habit of backing up onto a flash drive let's say once a week, like any other good (or bad for that matter) habit, it will take hold and you'll keep doing it. Life won't seem normal without that weekly back-up. And, again, if you don't want to do the hard drive back-up, the cloud-based service more or less does all the work for you.

While this won't prevent hacks. you'll at least have your data secured and not subject it to ransom. It may not be a perfect solution to cyber-attacks, but it's certainly better than the alternative.

So just using a sprig of reason and a dash of common sense, and with a minimum of technical knowledge, we can go a long way to defending ourselves from these evil-doers.

One last thought: The peace of mind from having your data backed-up will serve you well and provide great comfort if ever you're compromised, be it by crashes, hard drive failure hackers, thieves - whoever and whatever. There's no reason to for the enemy to appear before taking action - no need to hold your fire until you see the "whites of their eyes." Take it from one who's seen the whites of their eyes more than once.

Comments

Popular Posts