TL;DR – Who, What, How?
Over 200,000 computer in over 150 countries were hit by the WannaCry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) ransomware attacks since 12 May.
One of the worst hit was the National Health Services (NHS) in the UK, where as many as 16 hospitals were forced to shutdown due to the ransomware attacks. Closer to home, two major hospitals in Indonesia, including the nation’s largest cancer hospital, were also hit.
Singapore has not been spared either, although thankfully, the impact appears to be less crippling and widespread. Amongst those affected were the systems at Tiong Bahru Plaza and White Sands. As of now, some 500 Singapore IPs have reportedly been hit by the WannaCry ransomware attacks.
What is Ransomware?
Ransomware is a type of software (malware) which prevents or limits users from accessing their system by locking their system’s screen or their files, unless a ransom is paid.
Anyone can be hit by this and if our systems have been affected, we will see this popping up on our screens. And if we don’t pay the ransom within the three days’ deadline, the ransom amount will be doubled.
What is Cybersecurity?
Cybersecurity refers to the measures to protect a computer or computer system (as on the Internet) against unauthorised access or attacks. Some practices include installing antivirus and web security software on devices and using Virtual Private Network (VPN) services when tapping on public Wi-Fi (however, some public Wi-Fi block VPN services). Additionally, users can install password managers such as lastpass.com and 1password.com.
Personal Tips for Cybersecurity
For a start, there are four things you can do to protect yourself from ransomware:
- 1. Always update to the latest security patch provided
Most software providers, commonly Microsoft and Apple, will issue new security patches. You must update these at first opportunity. The current attacks happened before most of the Windows devices were updated with the latest security patch.
- 2. Always backup
According to Heimdal Security, ransomware usually targets devices with no data backups, or backups that are difficult to access. If you’re using Windows, you may use Windows built-in backup tool. If you’re using Mac, Time Machine is the preferred choice.
- 3. Use VPN when using public Wi-Fi networks
VPN is a technology that enables a secure connection over a public network. Some of the service providers include strongvpn.com and hidemyass.com. However, some VPN provider networks can be slow, so we recommend that one researches for the best suited option.
If you are unable to use VPN when tapping on a public Wi-Fi network, there are other measures such as those on Lifehacker, which includes accessing only HTTPS site; using mobile data; switching off sharing options; and ensuring your firewalls are updated and activated.
- 4. Use password management software
Always have more than one password. Password management systems help to manage all your passwords in one place. You can have different passwords for all online services (and offline) and systems like 1password.com will help you remember them. For example, if you need to enter a password for Facebook on your smartphone, you can access your 1password via a password or fingerprint recognition, and it will provide you with your Facebook password.
How to remove ransomware?
In the event that your computer system is infected with ransomware, you may visit SingCERT for the latest recommended measures.
The above is brought to you by the Singapore Cryptocurrency and Blockchain Industry Association (ACCESS), Singapore Computer Society (SCS) and Singapore FinTech Association (SFA). All three bodies are part of NTUC’s U Associate programme – a network of professional guilds and associations by the Labour Movement to reach out to working professionals.