As this is being written, a wave of ransomware has spread across the globe, encrypting people’s data and demanding 300 euro in bitcoins to unlock. If you don’t pony up in a week, it goes to 700 euro. After two weeks, it stays locked.
The WannaCry (or WannaCrypt) ransomware, as it is known, results from a known vulnerability in the Windows operating system. We can blame a group of hackers who published data on vulnerabilities gathered originally by our own National Security Agency for use in cyberattacks on hostile nations. More than 200,000 users in 150 nations were hit in the first wave of the attack, and many more are expected, despite efforts to thwart it.
Most of the successful targets were systems running Windows XP, an operating system that’s support from Microsoft ended in 2014. It may seem incredible that so many are still doing so, but large organizations with tons of computers have been slow to change — too slow, as it turns out. Britain’s National Health has been particularly hard hit, but there are reports of Chinese universities also infected. It was reported back in 2014 that large corporations, such as Bank of America, had contracted with Microsoft to keep support after the free support ended.
Even more surprising were recent reports that the U.S. Navy has paid Microsoft $9 million a year for extended XP support since 2015.
What Now?
Two things have happened that may slow the spread of WannaCry, but probably only temporarily. First, a malware researcher at a U.K. company called MalwareTech discovered what is called a “sinkhole” in the attacking software, and by registering a new domain name for $10, was able to turn off most of the spread. You can be sure that those spreading the malware (and collecting the ransoms) will quickly fix that and release a new version.
Also, in an unprecedented move, Microsoft released a series of patches for old systems that it no longer supports, such as XP or Server 2003. Go to https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks. You will be led to a post on their TechNet site that has patches.
Microsoft had already released updates in March for newer supported systems, and if you have automatic updates on, you should be OK. If yours are not automatic, this would be an excellent time to make that so.
Yes, it may be scary to cede that control of what to install to the evil that is Microsoft, but situations such as this instance may overcome that wariness.
This also highlights the need for decent backups. While many ransomware schemes will try to find connected drives (and even servers) and infect them, having an external hard drive with backups set for once a week or more can help. Better yet, have two external drives (they have gotten as cheap as party favors now) and swap them weekly; that way, you’ll have the “old” one to fall back on.
You could also consider an off-site backup service such as Carbonite. For about $5 a month, it could be your salvation.
Other Nasty Things
So the “Internet of things” (or the “IoT,” in happening language) is proceeding, if you have the money and inclination for it. This has expanded from Internet connected thermostats and wireless cameras to many different appliances. There is, for instance, an Internet-connected toaster oven, the June Intelligent Oven, that costs $1,500 and is, essentially, well, a toaster oven. Can it recognize what you put in and adjust? Sometimes and perhaps. For that kind of money, it should dance and sing while toasting, just to keep us amused. And there are LIFX Color 1000 light bulbs that you can control with a smart phone or Amazon’s Alexa (another IoT gadget). Price? $49.99 each.
You know, for that amount of money I’ll spin in my own colored bulbs, if I’m in the mood for a flashback.
Anyway, all these potential ways into your home network have not gone unnoticed by the hackers. A virus named BrickerBot is now out that “bricks” IoT appliances, thus rendering them expensive counter decorations. And your DVR, router and smart coffeepot can be used as agents to spread Internet denial-of-service attacks or as botnet machines.
Since very few people will change the default password on their router, for instance, they are open far more than the computers that have usually decent protection. You’re not likely to see firewall protection on your coffeepot.
But maybe, just maybe, having to set your own time to start brewing in the morning by pushing a few buttons could be worth it.
Actually Pretty
Add another place to your “have to visit next spring” list — the azalea gardens at Brighton Dam, at the end of the Triadelphia Reservoir, which encompasses more than 22,000 azalea bushes over five acres to wander.
Started in the late 1950s, it does show some signs of reduced funding, but is still a lovely place for an afternoon stroll. And it makes you forget hackers.
Cliff Feldwick is owner of Riverside Computing, and offers PC troubleshooting, network setups and data retrieval for small businesses. He can be reached at 410-880-0171 or at [email protected]. Older columns available at http://feldwick.com.