SAN FRANCISCO — A fast-moving ransomware variant has infected tens of thousands of computers in at least 112 countries. Though the initial infection was stopped by a quick-thinking security researcher, at least 452 variants on the malware are currently infesting the Internet. Here’s what you should do to protect yourself.
The ransomware in question, WannaCry, relies on a flaw in the Windows 10 code for which Microsoft issued a patch on March 14. It’s crucial that customers allow their computers to automatically patch themselves when patches are issued. Machines that contained the patch are much less at risk than those that didn’t.
Older Windows versions can also be infected. You need to know what version of Windows you are running to get the proper patch — an add-on piece of computer code to upgrade and improve software, in this case the Windows operating system. Microsoft’s web site tells you where to look to verify what version you have. For Windows 10 users, go to the Start button, type in “About Your PC” and select that, then look under PC for the version, edition and system type (32-bit or 64-bit version).
If you have automatic updates enabled on your computer, you will have gotten the patch in March. It not, you can go to the Microsoft website and find the proper patch to download. Once it’s downloaded, the update file will walk you through the install process.
Don’t use pirated software
One reason many security researchers think eastern Europe and Asia may have been hit harder than other areas is because there’s a higher incidence of the use of pirated (i.e. unofficial, non-registered) software in those regions. If you’re not running a legal, official copy of Windows you can’t register it, which means Microsoft can’t send you updates about security patches. Free software can end up costing you a lot.
The WannaCry ransomware appears to only attack unpatched computers running Windows. But this doesn’t mean those whose computers run on Apple or Linux code should feel smug. They, too, should regularly update with software patches as they’re issued.
If you’re not on a work network that already has security, consider installing some form of security program on your computer. There are many possibilities and all provide at least some protection, even if it’s only reminders to be cautious when downloading potentially infected files.
Backup your system fully and on a regular basis. That way even if you’re hit with ransomware you’ve got all your files protected elsewhere. Note this means that the backup can’t be on your computer but should be in the cloud or on an external hard drive.
Don’t grumble when your system administrator at work takes the network down periodically to update systems, which usually includes installing new and often critical software patches.
Close up those ports
When you’re using public WiFi networks, make sure you tell your system that you’re on a public network (many will ask if it’s a public or home computer.) That tells your operating system that it’s functioning in a potentially threat-filled environment and it will close off some of its more vulnerable software ports to the outside.