Simple things you can do to protect against ransomware attacks

Experts told ABC News to always update your software and backup files remotely.

ByABC News
May 15, 2017, 8:12 AM

— -- In the wake of a worldwide cyber attack that has debilitated more than 200,000 organizations in over 150 countries, experts shared tips with ABC News on simple things you can do to help protect yourself against a ransomware attack.

Ransomware is defined as "a type of malicious software, or malware, designed to block access to a computer system until a ransom is paid," according to a 2016 U.S. Department of Homeland Security blog post.

This weekend's unprecedented ransomware attack started Friday, but authorities said Sunday that the worst may be yet to come as many people return to work on Monday.

The U.S. Computers Emergency Readiness Team (CERT) issued specific advice to protect against the recent WannaCry ransomware threat that spread this weekend, saying computer users should "Be careful when clicking directly on links in emails, even if the sender appears to be known."

The U.S. CERT also advised to use caution when opening attachments, and to be "particularly wary of compressed or ZIP file attachments."

Quincy Larson, a software engineer and the founder of freecodecamp.com told ABC News that ransomware is usually spread through your email.

"If you are going to be infected by ransomware, it will happen when you get an email or some other form of message that's asking you to download and run it, and when that file runs, then usually, the attacker will encrypt your hard drive, or encrypt part of your hard drive so that your computer is still operable and you can continue to use it, but you can't access all your files," Larson explained.

Larson told ABC News the best way to prevent ransomware attacks is to make sure that every time your operating system or a software asks if it can run a system or security update -- you update it.

"It's absolutely critical that you install updates to your operating system and to all your software as they become available," Larson said. "One of the reasons why you download the updates is not just for new features but it's also for additional security."

Larson said that unlike larger companies and organizations, "individuals are particularly vulnerable because they don't necessarily have recently updated software and one of the best ways you can prevent ransomware or malware in general from getting on your computer is just to make sure that your operating system ... is updated to the latest version."

"Finally, just be very vigilant," Larson said. "You need to constantly look out for emails that seem suspicious, and you need to err on the side of not downloading random files."

Jason Tanz, the site director at "Wired," echoed Larson's sentiments, telling ABC News, "individuals are particularly easy to prey on because most of them are not being extremely up-to-date with their software. They're not necessarily paying attention to all the security updates, and therefore they're more likely to be vulnerable."

Tanz added that "if you're the victim of a ransomware attack you'll open your computer and instead of your normal files you'll see a pop-up appear that says, 'Surprise, we've taken control of your computer and if you want access to your files you need to pay us.'"

Tanz cited this weekend's ransomware attack as an example of why you should always update all your software, saying, "For instance this latest ransomware attack only hit earlier versions of Microsoft Windows."

Tanz said another way to protect yourself against ransomware attacks is to back up your files remotely.

"The next thing is to make sure you're backing up your files every day, and that means on a hard drive that is not connected to the internet," Tanz added. "Ransomware is only effective if you don't have record of the files they're holding for ransom."

Tanz said if you have all your files backed up, it leaves those using ransomware against you, "without any power whatsoever."

"Finally, the last thing to do is to be very suspicious about clicking unfamiliar links," adding that you should also use caution when, "downloading files from people you don't know and sometimes people you do know."