Locking the door against cyberattack

opinion May 18, 2017 01:00

By The Nation

When it comes to malware, apathy reigns and computer users too often leave their guard down



A global cyberattack with malicious software has struck again. This time it was in the form of so-called ransomware known as WannaCry or WannaCrypt that encrypts files on Windows computers and demands payment for the decryption code needed to unlock the data.

The attack is believed to have affected at least 300,000 computers in 150 countries. In Thailand about 200 computers were hit, but luckily none in critical sectors such as healthcare or banking. The Ministry of Digital Economy and Society said the infected computers belonged to private businesses, while state agencies were spared.

However, although the damage has been comparatively minimal here compared to other countries, everyone who uses a computer should be taking precautions against cyberattack should this barrage continue or be resumed in the future. 

Agencies overseas including the European Union Agency for Law Enforcement Cooperation (Europol) are trying to identify the culprits behind this latest assault. Both China and Russia have pointed out that the United States government is partially to blame, since the ransomware was developed from a snooping tool used by its National Security Agency (NSA), then discovered by hackers and shared online in April. The investigation continues amid talk about threats of “serious digital sabotage” that could paralyse entire nations as a result of breakdowns in transportation networks, banking systems and the like.

Digital threats to national security have emerged from the realms of paranoia and the imagination. Measures must be taken to prevent them or at least limit the impact. Ordinary computer users need to apply common sense to guard their machines both at home and at work against virus and malware infection. It might be easier said than done, but we must take all available precautions recommended by experts. 

The Thailand Computer Emergency Response Team (ThaiCERT) advises that computers can be shielded from malware in general and this ransomware in particular by ensuring that security settings are constantly updated, by shunning e-mail attachments from unknown sources and by never clicking on suspicious links in e-mail. Private firms and public agencies are advised to help protect users of their systems by employing an e-mail 

filtering system. 

To be sure, affected computers can be cleansed of infections and reformatted, but this results in the loss of all stored data. It is thus wise to frequently back up important files on external disks – which have thankfully become far more affordable in recent years. Microsoft, which makes the Windows operating-system software, has meanwhile hastily released security patches for pre-Windows 10 versions, still in wide use, to guard against WannaCry. Its failure to give older versions the same protection found on Windows 10 – covering the security gap found and exploited but kept secret by the NSA – left millions of users vulnerable.

It is also fortunate that smartphones, despite their global popularity, have not yet been targeted in a large-scale malware attack like this. But who knows? Ill-intentioned hackers might well be plotting right now to take control of our mobile phones for their nefarious purposes.

We must be better prepared for the next cyberattack, whenever it comes and in whatever form it takes.