After hearing the news about #WannaCry worm with ransomware functionality, I was surprised how many friends of mine who use Windows needed help to make sure their home systems are healthy and protected. So this article is an attempt to explain in plain English what needs to be done to avoid, perhaps, 99% of all malware that normal computer users may come across. The advice would be quite different to companies, and if there is demand, I’ll write that as well. So here we go.
You would not #WannaCry because of this and 99% of other attacks if:
Your Windows is configured to update automatically.
- Windows 10 automatically updates for all home users. So there is nothing to do if you use Windows 10, unless you want finer control over when your updates are installed!
- Do you use older Windows? Upgrade. There are no excuses!
- Don’t use Windows? Set your OSX or Linux or whatever else for automatic updates
- Is your Windows managed by your organisation? Ask your IT how frequently the security updates are checked and installed, and if it is anything less than twice a month, then demand to change that, for your company’s and your own safety
- Don’t want to upgrade? You are at much higher risk, although Microsoft feels for you and made updates for older versions of Windows available here. Let me know if it is worth writing how to set up automatic updates for older systems – but first, see (1b) above!
You did not explicitly tinker with your broadband router to open up all kinds of services or set insecure passwords.
If you did – I hope you know what you were doing, as errors could lead to insecure setups. Most people don’t touch their provider-issued routers at home, which is good. If you tinker – you need to know what you are doing, no excuses.
You run the up-to-date antivirus, even with default settings.
Even Windows Defender, that comes with every Windows 10, is a good start, as according to Microsoft, it would help against #WannaCry. Of course, some antiviruses, like Kaspersky, do even a better job of proactively detecting malware, so you may want to consider that
You keep your documents in the cloud.
Windows 10 makes it easy by letting you agree to store your documents and pictures on OneDrive. Most cloud storages, including OneDrive, as a part of Office 365 subscription, will allow you to see a version history of your documents. Even if something gets damaged, you can always download the previous, undamaged version.
Most important: you use your head.
When deciding whether to open the document or click on the link in an email from someone you don’t know, just think: are you really expecting that invoice? Could there be anything useful at all on the other side of that link? If the email looks wrong, it is most likely because it is. If a website sounds or looks dodgy, that is probably because it is. If something is asking for your permission to change something on your computer, have you really expected it? Is it something that makes common sense? If not – then it is probably malicious activity.
All of these points are known as a basic cyber hygiene. If you follow these simple rules, your chances of getting into cyber-trouble as a result of your daily internet habits are going to be very small.