The Ransomware Cyber Attack from last Friday affected about 150 countries and it infected at least 200,000 computers worldwide. The experts warn that more attacks of this kind could happen again when people start their computers.

What is Ransomware?

Ransomware is a type of malware program that blocks the computers of the victims and encrypts their data, it then requires the users to make a payment so they can regain control of their computers and their affected files. The ransomware phenomenon is one of the biggest threats to the law enforcement agencies in the European Union.

Moreover, the list of the most dangerous malicious programs appearing in the last seven years is dominated by ransomwar,. "WannaCry" — a malicious program which is currently being propagated — uses a vulnerability present in most versions of the Windows operating system. The vulnerability MS17-010 allows the attacker to run malicious code on a computer and to use that code to infect the system with ransomware without someone accessing links or opening infected emails.

How can a ransomware attack be avoided?

First, the users need to make sure that the operating system is updated. If the auto-update feature is turned off, it must be started. Then, an updated security solution is also important.

There is no need to install an extra program, Windows Defender is enough.

But users have to make sure Windows Defender is turned on and it's up to date.

To avoid these attacks, users should avoid clicking on attachments from emails from dubious sources. According to Symantec, 46% of infections with this kind of program were caused by email attachments and by phishing messages. Other forms of infection (12% of cases) are the websites and the ads that include these harmful codes.

The companies have to train their employees about these threats and advise them not to access suspicious attachments or suspicious emails. In 36% of the cases, the ransomware infection in a company is caused by the lack of training available to the employees regarding this threat.

The most affected industries

Although in many cases personal computers are compromised, the profitable targets for the ransomware developers are public companies and institutions.

According to Symantec, all the sectors of the industry have been affected by these attacks in recent years. However, organizations from two areas become more often a target of this kind of attacks: services (38%) and production (17%).