X

4 ways to avoid the next Petya or WannaCry attack

There are no signs of ransomware attacks letting up, so make sure you're not one of the next victims.

Alina Bradford CNET Contributor
Alina Bradford has been writing how-tos, tech articles and more for almost two decades. She currently writes for CNET's Smart Home Section, MTVNews' tech section and for Live Science's reference section. Follow her on Twitter.
Alina Bradford
3 min read
James Martin/CNET
Watch this: Why the WannaCry cyberattack is so bad, and so avoidable
hacking-security-hackers-privacy-2893.jpg

Don't give hackers a chance to lock down your computer.

James Martin/CNET

Businesses and individuals have been hit by waves of ransomware in the last few months. The WannaCry attack alone affected more than 230,000 computers in over 150 countries.  

Ransomware is malware that locks down an infected computer. A ransom note appears on screen demanding a certain amount of money in exchange for releasing the computer from the attack.

According to a survey of IT and security professionals by Guidance Software, ransomware attacks in 2017 have not lessened since 2016. Ransomware isn't going anywhere, so protecting yourself is important. 

These steps will get you ready for the next attack and any other malware that may come your way.

1. Don't slack on social media security

The best defense is to have a great offense when it comes to preventing ransomware attacks. Your offense can start with your social media accounts. Make sure your profiles are private and only share them with people you actually know. 

"Don't share too much personal information, especially in your biography or personal details areas," Jason Bradlee, executive vice president and head of security at Fujitsu America Inc., told CNET.  "It's easy for cyber criminals, stalkers and people in general to get addresses, phone numbers, dates of birth, etc. from these places both within the site, like Facebook, LinkedIn, and Twitter, as well as from Google or Bing."

2. Be careful with your emails

IT service providers report that 46 percent of the ransomware attacks they observed were caused by email or phishing scams, according to research from Datto.

"The most common form of social engineering, phishing emails work so well because the attackers are getting better at masking their intentions," said Bradlee.

Don't open emails from people you don't know without scanning them first for malware. Gmail has a built-in malware scanner that will warn you before you open a suspicious email. Many antimalware software have email scanning capabilities, as well. Some good choices are Bitdefender and Kaspersky Anti-Virus. (Good antimalware software will help to protect your computer as a whole, as well.)

Even if an email looks legit, be careful. "The safest bet is to not click on anything that is inside of an email from someone you don't personally know. If the email is from a bank, or of a service that you subscribe to, make sure to check the email address carefully," advised Bradlee.

A legit email address usually has the name of the business after the @ symbol. Emails from free accounts like Gmail, MSN, Yahoo or other providers that are pretending to be big companies are probably scammers, too.

An email may also be shifty if it asks you to:

  • Reset your ID 
  • Reset your password
  • Provide them with account or personal data
  • Open a new web browser tab or window and go directly to that site to make changes

3. Don't brush off passwords 

Yeah, passwords are a hassle, but they are a key way to thwart hackers. Make sure your passwords are complex to protecting your data. "Also, changing your passwords completely (meaning not just one character, but the entire password) every couple of months will help keep the bad actors guessing and your data that much safer," said Bradlee.

Sharon Profis has some great password tips here.

4. Keep your Windows updated

Petya (malware that mimicked a ransomware attack) and WannaCry both used vulnerabilities in computers that hadn't updated their Windows operating system. New updates are regularly released to shore up holes that hackers may use to attack a computer system. You need to ensure your computer is updating as soon as these patches are released.

With Windows 10, updates will install automatically. Older versions may need to be manually switched on.

With Windows 8 and Windows 8.1 , go to Settings > Change PC settings > Update and recovery. Click on Choose how updates get installed. In the Important updates section, choose the auto option, then go to the Recommended updates section and choose Give me recommended updates the same way I receive important updates check box and click Apply.

You can see how to change the settings for Vista, Windows 7 and XP here.

While another ransomware attack may be imminent, you can help ensure that you aren't a victim by taking some simple steps to protect yourself. Keep your information private, don't click suspicious links make your passwords strong and keep your computers updated to keep the hackers at bay.

20 times Hollywood got hacking right (and oh so wrong)

See all photos