WannaCry 2017 Cyber Attack: “Its like a using last year’s flu shot for this year’s virus”

In response to the WannaCry cyber attack currently hitting Europe and parts of Asia, Tim went on the Ron Jolly Show on WTCM NewsTalk 580 this morning to chat about how you can stay safe. Click the link below to listen, or read the transcript below!

Tim: [about updating new software] At times, it’ll break other stuff, and you may not want to because it might make some other piece of software not work. And then you gotta go back in and fix that and you think aw the heck it’s working, I’ll leave it. But you don’t want to do that.
Security is layers. It’s like a flu shot. And you wanna do it. Last year’s flu shot won’t help you this year. So you gotta keep things updated.

Ron: Now, what do you do for your clients to help them avoid this? Is it that simple? Is it making sure they do their updates? What kind of things do you recommend?
Tim: There’s one other layer that’s a really critical layer. So, this particular one [ransomware] is kinda new, because this one ran this kind of an exploit without any user interaction. That’s what’s made this one quite different. It’s why so many hundreds of thousands were affected so quickly, primarily in Europe, so far. Now it’s starting to hit a little bit of Asia, not so much in the U.S. so far.
But what’s always been the issue with ransomware is when you click on an attachment in an email. and that runs a piece of software in the background, and thats what starts it all.
Ron: That’s how it gets into your computer?
Tim: Normally, yeah, but not this particular one. This particular one came in through an exploit in the operating system. So if you were on the internet, you could be exposed.

Ron: Ok.

Tim: Normally, up until this point, it’s basically been that the user makes the mistake. Someone gets an email and thinks, ‘hey, it comes from Ron Jolly, it must be okay’. But it didn’t come from you, it was spoofed to look like it came from you. I double click on the extension ; maybe it’s from UPS, we’re trying to ship it, here’s your invoice. you think, “I don’t know what this is but I’ll open it and see what it says”. And then in the background, quietly, something happens.

Ron: Oh boy
Tim: So you should be extremely careful when you’re opening up any kind of an attachment in an email.
But, for this particular attack, you need to stay updated.

Ron: Are Mac computers as vulnerable as Microsoft systems?

Tim: No. Well, not – the operating system is just as vulnerable. They have had their share of attacks, too. But if you’re a ransomware guy and you wanna get money, you’ve got somewhere along the lines of 30-40 to 1 of Windows-types of PC’s out there.

So your actual payload is – you have a much greater chance of making real money.

There’s fewer Macs. and that plays as much into it as anything. So the virus guys won’t go as much for Macs because there’s not as many people using them, for operating systems.

Macbooks, Macbook Pros, that kind of thing. They have their own problems, although they’re not as bad as Windows, I have to say.

Ron: If you do get a ransomware attack, other than paying the ransom, which doesn’t guarante your files will be freed up, is it like a virus, where you can bring it to a guy that fixes computers and have him do it?
T No, it’s not like a virus. It actually encrypts the files. and if you don’t have the encryption key, you don’t get your file back.

That’s why the backups [are important]. We have to restore from yesterday’s backup – or, in our case and like a lot of people like us, we do backups every few hours. If someone does something at 2 o’clock, I’m able to get the noon backup and do a restore from that.

That’s why, again, there’s another layer. Backups are a layer of security protection. And having many backups a day are a layer. So all that helps.

Ron: Make sure your updates are being updated, your Microsoft security essentials or whatever updates, and if you’re a business and you don’t have an IT person, even small businesses, Terrapin Networks, with Tim Gillen, specialiazes in protecting you from this kind of a thing.

Tim, we’ll catch up down the road, but thanks for your insight here today.

Tim:  You’re welcome, my pleasure, thanks.

Share This:Facebooktwittergoogle_pluspinterestlinkedinmailby feather