A major cyberattack recently hit about 200,000 computers across more than 150 countries, with an especially considerable effect on individuals with older computers and operating systems, as well as large organizations and universities.
The attack was performed via malware that has since become known as “WannaCry,” which was created and published by a hacker group called Shadow Brokers. It developed the malware from tools that were originally created by the U.S. National Security Agency— one of the reasons it was so effective.
In the attack, the system would lock down certain files and then demand $300 in Bitcoin, a digital currency, within six hours to receive instructions to restore those files. The attack resulted in more than $40,000 being paid out, according to Bitcoin transaction tracking company Elliptic. The hackers have not yet been caught.
Mitigating the impact of a potential attack
In the wake of such an event, it is important to remind all users of the importance of digital and device security. Below are a few steps you can take to protect all your personal and work devices and the information stored on them.
- Back up all data: You should make regular backups of all your files, data and programs. At least once a month is a good baseline, but weekly is a better option to ensure you will not lose too much in the event of a ransomware attack.
- Make regular updates to antivirus software: New malware is constantly being created to exploit vulnerabilities in networks and devices. Thus, antivirus software must regularly be updated so your computer is able to address any potential viruses that attempt to attack it. Microsoft and other large software companies also release patches for other programs that address known vulnerabilities.
- Regularly update your operating system: Windows, for example, has regular updates it releases. If you get a message on your computer telling you there is a new update and you must restart to install it, do not delay for long—these updates are critical for preserving the security of your computer and all the data on it. If you are using an older operating system, continue updating to a new one to ensure you have access to the security features and updates you need to stay protected. Windows 8.1, for example, will have limited support as of January 2018, making an upgrade to Windows 10 highly advisable.
- Have processes in place to address cyberattacks: It is important to be prepared for any cyberattack that could affect you or your business. Have a company-wide policy that addresses steps to take in the event of an attack, and make sure your employees are familiar with them.
- Consider security of outside partners or vendors: Even if you are not directly hit by a cyberattack, your company could still be affected if one of your key suppliers or vendors becomes a target. When looking for such partners, make sure they are prepared to handle any potential cyberattacks.
If you have any questions about cybersecurity and the legal liability associated with it, consult a dedicated attorney in the U.S. Virgin Islands.
Ravinder S. Nagi is Assistant Managing Attorney at BoltNagi, a respected and well-established intellectual property and business law firm that serves clients throughout the U.S. Virgin Islands.