All weekend, computer systems around the world have been hit by a ransomware attack termed “WannaCry.” Ransomware is a nefarious cyber-security attack that essentially holds your computer and its files hostage until you pay the requested amount of money
to unlock it. Ransomware attacks have been on the rise over the years, but this weekend’s attack has been especially widespread and nefarious, attacking the NHS in the United Kingdom, public and private businesses (such as FedEx), and likely more governmental entities than any of us would like to consider. The cyber-attack, however, also highlighted a number of easily fixable security holes in home and business computers. If your students are interested in talking about this event, here are some best practice tips you can give to them to keep their systems safe and secure:
Keep Your Systems Up to Date
The majority of the compromised systems were out of date. For example, a large number of them were running Windows XP. Microsoft stopped releasing security updates to its Windows XP system more than two years ago. Even so, an alarming number of systems still run on this out-dated OS. Others were running more recent Windows operating systems, but they had not installed critical security updates. As comfortable as we get with our operating systems, it is imperative to keep them up to date for this very reason. I’ve heard people comment that they don’t update because they “don’t want their computer/phone to stop working.” The reality is, the opposite is true! By not running critical security updates, your system becomes susceptible to malware and hacking, which will at best slow it down, and at worst, will lock down your system.
Don’t Use Pirated Software
Aside from the ethical implications, pirated software is a significant security risk. First, you never really know what you get when you download and install that package. Additionally, if you run unregistered software on your machine, then you also cannot run critical security updates. This easily compromises your system. Wide-spread software piracy is prominent in some countries, most notably China and Russia. However, I’ve also seen it in a number of offices and homes right here in the United States. For example, rather than pay for an office/home-wide Microsoft license, users will purchase one or two licenses and install on multiple devices. Cutting these corners also might safe you some money in the short run, but the security loopholes leave you at greater risk.
Educate Yourself about Phishing
Phishing is a nefarious means of getting a user to click on a link or a file to install malware onto their device. Some phishing attacks are sloppy and obvious; they are replete with typos and non-sequiturs. However, phishing attacks have gotten more sophisticated, including spoofing accounts to make an email look like it came from a friend or a colleague. Always exercise caution and skepticism when opening an email that doesn’t quite “feel right.”
As more data is moved to the cloud and we are reliant on digital systems, the more commonplace cyber-attacks will be. Educating your community and students about the current attacks can help to prevent the next one!