AFIT NEWS

Welcome to the Air Force Institute of Technology

How to Avoid Computer Ransomware Threats
Posted Tuesday, June 20, 2017

 

In May 2017, the "Wanna Cry" (aka WannaCrypt) ransomware propagated across several countries and infected thousands of computers and several big name companies.  The Air Force Institute of Technology's Center for Cyberspace Research believes that end user education is a vital component of a broader strategy to curb such malware and increase cybersecurity for the nation.  AFIT's CCR offers the following general suggestions on how to mitigate the threat of these types of online cyber attacks.

1. Keep an up-to-date back-up of all your data files.  In this day and age, it is quite simple to make back-up copies of your personal information for your own peace of mind.  A number of easy solutions exist to include backing up to a cloud service, an external hard drive, or a set of DVDs.  Note that the external drives should be stored offline to avoid ransomware discovery.  For the same reason, cloud services should be setup to require some type of authentication (i.e. strong password) before use.

2. Adopt safe Internet practices. Remember to NEVER click on links inside emails from unknown sources. This is one of the primary ways that spyware and cyber attacks are executed.  Beware that some sophisticated malware can impersonate friends and family, so scrutinize the situation carefully.  Finally, even well-intentioned family and friends can send you links that can launch a hidden cyber attack.  We recommend separating household use (finances, correspondence) from entertainment use across different (physical or virtual) computers.

3. Always keep anti-virus software and operating systems up to date with security patches.  Modern computers often have software that allows for automated updates.  Make sure you allow your computer to accept those updates. If you are using an older version of the Microsoft Windows product, Microsoft has released an emergency security patch update for many of these as well.

4. Finally, remember to create a personal user account on your computer that is separate from your administrator account.  Most computers are set up for multiple users.  You may not realize that if you are a single user on a computer, you are most likely working from an administrator's account. By creating and using a personal user account that is separate from the administrator's account, you can limit malware access to critical features of your computer, which will make a security breach much less destructive if it should happen to you.  Remember to NEVER browse the Internet or click on any email link while working from an administrator account.

As every Airman knows, good cyber hygiene is critical to mission success.  Awareness of fundamental cyber security practices is not just the concern of the armed forces, but the concern of every citizen that lives in the digital age.