PCs still running Windows 7 will soon be more at risk of ransomware

PCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned. According to experts, 26% of PCs are expected to still be running the Microsoft software after support for patches and bug fixes end.

The vulnerability to ransomware of PCs running unsupported software was demonstrated by WannaCry. Despite supported PCs being pushed patches for the cryptoworm, Europol estimated that 200,000 devices in 150 countries, running older, unsupported, software became infected by WannaCry. Although just $130,000 was paid in ransoms, the impact to business is understood to have run into the billions of dollars due to lost productivity and lost data.

Microsoft ended mainstream support of Windows 7 in 2015, giving users five years to ready themselves for the software to reach end of life.

Businesses running Windows 7 should prepare themselves in order to avoid the impact that vulnerability to ransomware could have on their organizations. Here are five tips that could help navigate this challenge:

Educate employees – The biggest risk is to data that employees save to unprotected locations. Ensure that users are following best practices for where to save data so that it can be secured and consider running a simulation. Saving valued data to centralized servers, data centers or to the cloud can help reduce risk.

Evaluate risk by understanding your data – For enterprises, insight software solutions can help to identify where key data lives and ensure that it complies with company policies and industry regulations. This is critical not only to identify the challenges but also to prioritize the recovery process.

Consider a software upgrade – This isn’t going to be practical for large enterprises in the time available, but it could well be part of a longer-term strategy. For SMEs, the most sensible solution might be simply to upgrade to an operating system that has ongoing support.

Run patches whilst you can – According to the Ponemon Institute, 60% of respondents who experienced data breaches did so despite a patch to prevent breaches being available to them. Businesses should at least make sure that they are as up-to-date as they can be whilst they can. Users will also be able to buy “ESUs” from Microsoft to access patches during their migration to newer software.

Ensure that data is backed up – Ransomware relies on the idea that paying a ransom is going to be the only/cheapest way to regain access to your data, yet research shows that less than half of those that pay up are actually able to recover their data from cyber criminals. Veritas advocates the “3-2-1 rule”, where data owners have three copies of their data, two of which are on different storage media and one is air gapped in an offsite location. With an air-gapped data backup solution, businesses have the much safer, and more reliable option, of simply restoring their data.

WannaCry was a clear example of the dangers that businesses can face when they are using software that has reached end of life. In January 2020, a quarter of all PCs are going to fall into this category so it’s vital that the organizations that rely on Windows 7 are aware of the risks and what they need to mitigate them.

This type of ransomware attack tends to have a disproportionate effect on organizations that can afford ransoms least – for example, we saw high-profile attacks on public sector bodies in 2017. So, it’s critical for those running Windows 7 to act now and put plans in place to ensure that they are able to protect themselves. Organizations need to understand their data and make sure that information is being stored in the right place where it can be protected and made available when needed.

10 Tips to Steer Clear from Daily Cybercrime

When it comes to cyber security tips, we are bothered about securing social media accounts or financial accounts. Cybercrime continues to evolve, surfacing new threats that are more complex every year. Being cautious while tending to financial transactions won’t ensure that you are cyber safe. There are many digital devices that you use, different websites that you visit, and various e-commerce sites that you use for online transactions.

As a victim of identity theft, you are prone to various financial and non-financial attacks. However, when you hear about the range of cybercrimes, you might find that the best option is to avoid the internet altogether. But that’s too drastic, isn’t it?

Instead, a solution would be to become cyber aware and learn the basic precautions to protect yourself and your data. These precautionary measures also include learning how to respond when identifying others involved in criminal activities online.

What is cybercrime 

Cybercrime, in any form, is a crime that takes place online with the help of digital devices like computers, smartphones, tablets, etc. It varies from identity theft to security breaches or as a tool to commit an offense. Cybercriminals also steal data to sell in the dark market or to use it for things like cyber-stalking, harassment, child exploitation, or bullying. Terrorists also collaborate online to spread rumors or false allegations to create social disturbances.

How to protect yourself against cybercrime

1. Intensify your home network

It’s a good idea to secure your home, starting with the internet connection. The home network can be strengthened using a virtual private network with an encrypted password. A VPN encrypts the traffic until it reaches the destination, which gives less scope for criminals that intercept the connection to attain any data. It is also a good practice to use a VPN when using unprotected public wi-fi in areas like hotels, cafes, airports, etc.

2. Use a full-service internet security suite

Using an anti-virus is a good option to secure your device from viruses, worms, etc. But using a full-service internet security suite gives real-time protection from malware, including ransomware and viruses. An internet security suite will provide maximum protection to your online data.

3. Update your software

Cybercriminals often use existing flaws or exploits in the software to gain access to the system. It is, therefore, critical to update your software regularly, especially operating systems and internet security software. By patching the flaws and exploits, you are less likely to fall victim to a cyberattack.

4. Use strong password strings

Don’t use similar passwords for every website and change your passwords regularly. The passwords should be alphanumeric, along with special characters. Use strings instead of word(s) as it makes the password complex. A password management application can be used to keep your passwords secure yet accessible.

5. Manage your social media settings

An academic study performed by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey, showed that social media-enabled cybercrime contributes around $3.25 billion towards the global revenue annually. Social media is increasingly becoming a source for phishing attacks as criminals are obtaining relevant information required to crack email or bank accounts. For example, revealing your mother’s maiden name may expose the answer to the most common security question of a bank account.

6. Be prepared to handle identity theft on travel

Cybercriminals are everywhere, and they always have an eye on you. When traveling, avoid sharing your traveling plans on social media. When staying outside, use a VPN over the hotel’s unsafe wi-fi network.

7. Protect yourself from identity theft

Identity theft is performed by obtaining personal information to go undercover or for economic gain. It is important to guard your personal data and avoid being tricked by attackers. When data is shared online, it should be protected in-transit and after it reaches the destination too. Identity theft can happen anywhere and only by being assertive and alert can you protect your data.

8. Educate your children about safe internet practices

It is important to educate your children about safely using the internet. Children are easy targets for cyberbullying, and they should be taught about the acceptable ways to use the internet. They should be taught to reach out to you in case of any kind of online harassment, stalking, etc.

9. Monitor your child’s internet activity

While you talk to your children about internet safety, also teach them about identity theft. You should be careful while sharing your child’s information online and also teach your children to recognize the signs of identity theft. Monitor your child’s browsing history to understand the websites they are visiting and whether they have shared any personal information which may be used by cyber thieves.

10. Be aware of major security breaches

Stay updated with the major security breaches so that you are in the know of many ways attackers trap users and compromise their personal information. If you have an account on the websites that are breached, find the information that is compromised and change your password immediately.

What if you are a victim?

When you realized that you are a victim of a cybercrime, you should:

• Immediately inform the police and the respective authorized vendors, like credit card vendors, in the case of credit card fraud.
• Report the minor of the frauds to the Federal Trade Commission to help them bringing awareness among people and save others.
• Change your login credentials and also verify signup details of related website accounts.

Remember, staying alert is the best key to avoid further loss!

Fighting cybercrime is an obligation to combat rising cyberattacks. Following simple security measures and reporting the smallest of the cybercrimes to relevant authority should be the foremost measure.