Explaining Wannacry Ransomware to Mom on Mother’s Day

With the recent #wannacry #ransomware attack on computers around the world and it being Mother’s Day and all, I thought it was about time that I helped my mom understand what was happening. Sure, my employer and many others have written about ransomware in great technical detail, but I want to make sure my mom understands. And takes some action. After all, she is the one who kept me safe for so many years. So shouldn’t I return the favor?

What is ransomware?

Great question mom. Ransomware can be a few things, but for the most part it means someone tricking you into clicking a link or opening a document and making bad things happen to your computer.

I know you understand that viruses and malware cause things like data snooping or even that weird new search bar that somehow appeared in your browser. But this can be much worse.

Pay me money or you’ll never see your files again!

What ransomware does is scramble your files (your pictures, your spreadsheets, your music, etc.) so that you can’t read them, no matter what. Not even the FBI could read them anymore. (This scrambling is called “encryption.”) And then, you get an evil-looking screen that says “Pay me money and I will unscramble your files! You don’t pay, they remain scrambled forever!”

Then, you have to follow special instructions and pay the bad guys some serious money using an anonymous digital currency called Bitcoin. The kicker is that even sometimes if you pay, you won’t even get your files back! You’d be completely out of luck. Or out of hundreds of dollars to pay the criminals to unscramble your stuff. In either case, bad news all around.

Is this new? And what do worms have to do with anything?

No, ransomware is not new, but it is becoming a huge problem very fast. Friday’s (12-May-2017) worldwide attack which was called #wannacry hit 100 countries and possibly millions of business and personal computers. What made this attack even more nefarious is that it combined ransomware with what is called a “worm.”

A worm is a kind of an evil computer virus that, once it infects a computer, is able to “burrow” to other computers. (Get it? burrow? worm?) So, for example if it got onto Dad’s PC it could easily jump to your laptop over the WiFi without any action by you.

It multiples fast, just like that shampoo commercial from the 1980’s. The story gets worse as the #wannacry ransomware allegedly uses stolen “military” grade technology. And it takes advantage of a shortcoming in Microsoft Windows that many unprepared people have not yet updated.

Here’s what you need to do Mom. Even on Mother’s Day!

  1. Make sure your computer is up-to-date. Run Windows Update and make sure you have all of the security patches available installed on your PC.
  2. Never, ever open any document or click a link from someone unless you are absolutely sure you know who it is from, know what it is, and are expecting it. If you aren’t expecting it, email the person back and say “What’s this?”
  3. Use a reputable anti-virus software and keep it up to date as well.
  4. Make sure you back up your computer on a regular basis. Automatically is best so you don’t have to think about it.

Actively protect against ransomware

The product from the company I work for (Acronis) adds unique technology that can dramatically reduce a computer’s susceptibility to ransomware. And reduces the chance that ransomware will also attack your backup files – the very things you create to protect your data.

This technology is called Acronis Active Protection. It works alongside the anti-virus software you should be running to even better protect against ransomware attacks.

How it works is kind of geeky, but basically:

  1. Acronis Active Protection runs in the background, keeping an intelligent eye on your files all the time, including your photos, spreadsheets, music, and even your backup files.
  2. If something evil on your computer starts to scramble files (“encrypt”, remember?) then Acronis Active Protection stops that evil something from doing the scrambling and asks you “Um, Mom, something is trying to encrypt your files? Is this legitimate?”
  3. If it is something that should be happening (perhaps Dad is archiving some old financial files with encryption) you tell the computer – “No worries, carry on.” (That’s called “whitelisting” if you want to know…)
  4. If this encryption is unexpected, you tell the computer – “Whoa! Stop this evil program from wreaking havoc!” and the program stops. (That’s called “blacklisting…”)
  5. And, here’s the kicker: Because Acronis is backup software Acronis Active Protection will actually recover any files that were impacted by the ransomware and you are back to where you were before the infection!

Mom, remember, nothing (except maybe you of course) is perfect. So back up your computer and pictures on a regular basis and be careful of what you click on!

Love to you on Mother’s Day,

Your son, Gary