What computers are affected by this weekend’s cyber-attack?
The virus or malware that has affected nearly 100 countries in a large scale cyber-attack this weekend primarily targets computers and laptops that are still operating on Microsoft Windows XP.
The Windows XP operating system was released in 2001 and was one of the most common operating systems throughout the 2000s.
In 2014 Microsoft stopped supporting the operating system, meaning it was not releasing any further upgrades for the XP. Essentially, Microsoft were not developing any more “patches” that users could download to fix any problems or glitches that people discovered in the operating system.
Windows XP is more exposed to new methods of hacking and is more vulnerable as it is no longer supported or reinforced against newly developed cyber-attacks.
Recent Windows systems including Windows 10, 8, and 7 can also be infected by the ransomware virus, and Microsoft released a special security upgrade or “patch” for users to download in March 2017, which protects against the specific ransomware involved in this weekend’s attack.
What is ransomware?
The virus or malware behind the latest cyber-attack has been identified as “ransomware”. This is a virus that locks down either your computer or your web browser, and a message on the screen demands you make a payment in the online currency Bitcoin to have your computer unlocked.
The virus can target home computers, or larger servers that businesses or state agencies operate on. The WannaCry virus involved in the current attack is thought to be based on software developed by the US National Security Agency (NSA).
The attack that targeted the NHS in the UK asked for computer users to pay $300 to unlock their computer, but Microsoft has advised that making payments does not guarantee the malware will be lifted from computers.
The WannaCry ransomware is spread through hidden viruses linked in word documents and PDF files sent over email.
Europol, the EU law enforcement agency, have advised people to be wary of clicking on links or downloading attachments sent in any emails from senders they do not recognise.
The spread of the current attack was stopped by one UK cyber security researcher, who came across the malware and managed to identify the domain it was duplicating itself from, which was unregistered. The researcher, who has remained anonymous, registered the domain to a set web page and this unexpectedly halted the spread of the virus.
How can I protect my computer from the ransomware virus?
The main way current Windows XP computer users can ensure they’re protected against cyber-attacks or viruses is to upgrade and purchase a more recent operating system. Moving from Windows XP to a more recent system that is supported by Microsoft should help secure your computer.
The most current Windows operating system you can buy is Windows 10, followed by two slightly older version, Windows 8.1 and Windows 7.
My computer doesn’t run on Windows XP, am I safe?
The latest wave of cyber malware targeted Windows XP operating systems, but even if you use a more recent Windows system, you should ensure you have the proper updates and security software downloaded on your computer to protect against viruses or malware.
In March 2017, Microsoft released an update or “patch” that would protect users with Windows 7, 8, 8.1 and 10 systems from the specific WannaCry ransomware attack. The security patch, titled “MS17-010” can be found here (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx).
You should also ensure you have the most up-to-date security and antivirus software installed on your computer. In the latest versions of Windows (Windows 10, 8, 8.1) your computer will come with the standard antivirus system “Windows Defender” already installed. This acts as a guard against many types of malware and ransomware viruses.
If you’re using Windows 7 you can download antivirus software provided by Microsoft, called “Windows Security Essentials”, for free. This will help protect against viruses, and can be downloaded here (https://support.microsoft.com/en-ie/help/14210/security-essentials-download).
Any other advice?
Apart from downloading antivirus software or upgrading your computer to the latest operating system, there are some small tips to help you avoid contracting viruses or malware on your computer.
Microsoft advises users to avoid clicking on links or downloading attachments from emails you do not recognise.
It also advises having pop-ups adverts blocked, which will prevent the majority of potentially dangerous pop-up windows with harmful links appearing on your screen.
What should I do if my computer has been infected?
There are different types of ransomware, so there is no single easy solution to restore your computer if it has been infected with the virus. If the ransomware has just blocked access to your web browser, it may be easier to regain control by accessing your computer’s task manager and shutting down your web browser programme.
If the ransomware has infected and shut down your entire PC, as it appears to be the case in the most recent large-scale cyber-attack, then combating it is more difficult. You may have to download specific safety software onto a non-infected computer and then try to transfer it over to the affected computer with a CD rom or USB stick.
Detailed instructions on how to try to troubleshoot or shut down the virus if your computer has been infected can be found here.
Is Ireland at risk of a ransomware cyber-attack?
An Garda Síochána said on Saturday evening there had been no identified cyber-attack on any Irish State computer system from the wave of international ransomware attacks, although RTÉ reported a suspected attack on healthcare facility in the southeast.
A spokeswoman for the HSE said on Saturday the health service was “continuing to monitor the situation” over the weekend, but that its official IT server had not been infected.
What are State agencies like the HSE doing to tackle the threat?
In response to this weekend’s cyber-attack, the HSE has started to ensure all computers and IT devices have the most up-to-date security and antivirus software installed.
“Antivirus updates are currently being installed in these devices and a process of testing is under way. As there are approximately 1,500 devices, it is expected that this process will take a number of days to complete,” a spokeswoman said.
An audit of the HSE’s computer and IT systems in 2012 found its security provisions were “inadequate” and data stored on many of the health service’s computer technology stock was unsecure.
A spokeswoman for the HSE was not able to provide the most up-to-date analysis of the security or age of the HSE’s computer and IT stock on short notice, and outlined that the immediate response to the international cyber-attack was to monitor computer systems until after the weekend.
An EU directive passed by the European Parliament in July 2016 set out a plan to increase co-operation between EU member states to tackle cybercrime and put in place plans for co-ordinated responses to attacks.
The cyber security reforms would see each member state have to set up a dedicated “Computer Security Incident Response Team”. The regulation to set out increased co-operation across borders in the event of a cyber-attack has, however, not yet been legislated for in Ireland. Ireland has just over a year to pass legislation on the directive.