You’re probably already aware of this massive ransomware attack, so let me get right to it and save the explanations for the end. (If you’ve been held captive in Outer Mongolia for the past few days and don’t know what WannaCry is, you might want to start at "The Basics" further down.)
First, some self-serving, chest-thumping, braggadocious good news for readers: If you’re a victim but took the advice in my April 3 column ("Stop Reading This and Back Up Your Data"), you’re files are safe. See the first point below.
Find your situation on the "If…" list and act accordingly.
If you’re already a victim and have been backing up your files regularly:
You can tell the creeps holding your files ransom that they can stick their demands in their ears. I’d recommended Mozy and Backblaze in that earlier column and I verified with them today that ransomware victims are protected. Even if your maliciously encrypted files got backed up by one of those services, earlier versions of those files are still available and can be downloaded. So good for you. But upgrade from XP to Windows 10 as soon as you can.
If you’re already a victim and have been not been backing up your files:
You’re hosed. Sorry. Up to you whether you want to pay the ransom, but the little ray of sunshine is that, if you do pay, you’ll get your files back. These creeps might be evil, but their business model is dependent on them honoring the payment. Otherwise, they’d be out of business in a Washington second. If it makes you feel any better, Hollywood Presbyterian Medical Center in Los Angeles was without its systems for ten days last year, finally paying $17,000 to get their files back. And they’re not the only ones.
If you’re not a victim and you’re running Windows XP:
Why are you running XP? Are you also driving a Pinto or Corvair?
Anyway, download this patch from Microsoft and install it. The company stopped supporting XP three years ago but posted this fix because of the alarming numbers of machines still running that antiquated operating system. The attack has been relatively light in the U.S. so far but could get worse.
And then upgrade to Windows 10 as soon as you can.
If you’re running Windows 7 or 10:
You might have read or heard that you’re safe. Not necessarily. It’s true that Microsoft issued a patch for these operating systems in March, but you need to make sure your patches are up to date. You should also be running security software like Norton or McAfee. If you’re not current on both of those things, do them right away. And read the earlier column! WannaCry is not the last global attack that’s going to occur.
The Basics
WannaCry is the latest incarnation of a type of computer virus known as "ransomware." The idea is simple: Bad guys turn your files into useless gibberish. The only way to unscramble them is with a key, and you only get the key if you pay the ransom.
What elevates the WannaCry saga into real art is how it got onto the Internet in the first place.
The National Security Agency identified a security vulnerability in the Windows XP operating system that could be exploited to allow computers to be infected with viruses. Modifying XP to patch that hole wouldn’t have been difficult, except that the NSA didn’t tell Microsoft about it. Why?
Well, wacko lunatic fringe conspiracy theorists might say that the NSA wanted that vulnerability to stay intact so they could use it for their own purposes, like spying on people’s computers. But, golly gee whiz, who would believe that?
Anyway, they kept it a secret…until WikiLeaks hacked the NSA and distributed a boatload of classified documents, one of which (drum roll, please) contained a description of the security hole in XP. This is like breaking into a bio lab and handing out free samples, only to discover you’d also handed out vials of botulinum toxin. (Julian Assange fans, take careful note.)
From there, it was relatively easy for only moderately sophisticated hackers to code up the WannaCry virus. Who is at fault here — the NSA for failing to inform Microsoft, WikiLeaks for releasing the poison, Microsoft for allowing the vulnerability to exist — will be the subject of much lively debate over the coming weeks.
The lesson for most of us, though, is that yes, it can happen to you, and if you don’t take steps to protect yourself, it probably will. Trust me on this: WannaCry is not the Big One. Not even close.
And when the Big One does come, there will be much gnashing of teeth.
Lee Gruenfeld is a managing partner of Cholawsky and Gruenfeld Advisory, as well as a principal with the TechPar Group in New York, a boutique consulting firm consisting exclusively of former C-level executives and "Big Four" partners. He was vice president of strategic initiatives for Support.com, senior vice president and general manager of a SaaS division he created for a technology company in Las Vegas, national head of professional services for computing pioneer Tymshare, and a partner in the management consulting practice of Deloitte in New York and Los Angeles. Lee is also the award-winning author of fourteen critically-acclaimed, best-selling works of fiction and non-fiction. For more of his reports — Click Here Now.