Ransomware: How to stay safe

  • Published
  • By Jaimi L. Upthegrove, Air Force Reserve Command Public Affairs
In mid-May a worldwide ransomware cyberattack infected more than 200,000 computers in 150 countries. Luckily, shortly after the attack began, a web security researcher was able to discover an effective kill switch that slowed the spread of the infection, effectively halting the outbreak.

Ransomware attacks effect computers by encrypting all of the information on the devices, and the hackers demand a ransom, usually paid in the form of bitcoins, in return for the decryption key. Generally if a payment isn’t made, the hackers leave them permanently encrypted with no way to pay the ransom to unlock the encrypted files.

These cyberattacks are on the increase, with hackers in some cases being able to make millions of dollars in ransom payments. To avoid falling victim to a ransomware attack, people need to be actively involved in protecting their private computers.

“Ransomware is something you have to be proactive about preventing,” said Capt. Spencer Johnson, chief of the Network Operations Branch in the Directorate of Communications at Headquarters Air Force Reserve Command. “It’s vital to not get behind the power curve with your computer’s operating system. If you’re more than two operating systems behind (the latest available version), it’s time to upgrade your software or, better yet, get a new laptop.”

Another way to protect devices is to practice smart internet usage.

“Anytime you’re on a site and pop-ups won’t stop (happening), run,” said Staff Sgt. Kyle Wilson, the Directorate of Communications Vulnerability Assessment Manager. “Personal use of the internet is one of the biggest risk factors. The biggest threat to any device is the person using it.”

Things to be on the lookout for when using the internet are the URLs or web addresses, phishing attempts, click-bait (content whose main purpose is to attract attention and encourage visitors to click on a link to a particular web page) and email attachments.

“If you go to a commonly used site but after the .com is a bunch of gibberish, that’s a key indicator that the site is pretending to be something else and is not safe,” Wilson said. “If you’re trying to buy something on a site that doesn’t have an ‘s’ at the end of the http (in the URL) showing you it’s secure, absolutely don’t do it.”

Another way to protect personal computers or other devices is to regularly install updates and protective software.

“Most computers are set up to install updates automatically, but a person can also type update in their search bar and force the computer to check. Make sure to restart your machines regularly as well,” Johnson said. “Companies are constantly on the lookout for holes that leave devices vulnerable, so keeping the software current is key to keeping devices and personal information safe.”

Wilson said keeping malware and anti-virus software on personal devices will add a comforting level of additional security. He also said with a little research anyone can find software for free that will cover his or her devices.

All Department of Defense employees can download free antivirus software from McAfee.

In today’s world of cyberwarfare, keeping smart devices secure is important to keeping information safe. Information is power; keep it safe.