Studies have shown that close to 80 percent of all commercial airline accidents is the result of pilot error. At least 90 percent of motor-vehicle crashes are caused by human error. It is safe to assume that nearly 100 percent of successful cyber attacks on computers are the result of behavior that shows a lack of good sense or judgment—“human stupidity.”
By Saturday morning Philippine time, it was reported that the largest “ransomware” attack in history had affected computers in nearly 100 countries, affecting tens of thousands of corporate and personal computers.
Analysis by several cyber-security companies led investigators to believe this was the result of enterprising tecno-thieves using a variation of a tool developed by the US National Security Agency (NSA) to hack computers. Classified documents stolen from the NSA were posted online earlier this year detailing NSA’s hacking software.
This latest manifestation of ransomware—dubbed “WannaCry”—encrypts all the computer data, effectively locking the computer and shows a start-up screen demanding that $300 be sent by Bitcoin to the hackers in order to decrypt the hard drive.
Spanish telecoms giant Telefonica is facing an 85-percent computer shutdown after hackers infiltrated its systems demanding $550,000 in Bitcoin. Many hospitals that are a part of the United Kingdom’s National Health Service had their computer systems shut down. Global parcel delivery company FedEx Corp. was also affected.
The malware changes the names on critical files and, therefore, takes over a computer using Windows Operating System, old or new. Microsoft Corp. identified the problem and issued a protection software update some weeks ago. Many individuals and companies did not update their computers.
The average person tends to think that cyber criminals lurk in the shadows of the Internet like a robber hiding in bushes. Or maybe they are like burglars, checking your house for windows that they can crawl through, or unlocked doors to get to your valuables. But that is not the way it works.
They are like the person who arrives, knocking on your door with a big smile and asking to come in to your house with a promise of free trip to Singapore for only a few minutes of your time.
Ransomware gains access to a computer the same way as any kind of virus or computer worm—either through getting the user to open an infected e-mail, navigate to a compromised web site, or install an infected program. These cyber extortionists tricked victims into opening the malicious malware attachments to e-mails that appeared to contain invoices, job offers and other legitimate files. With a single click on an e-mail attachment, you have let the person kidnap-for-ransom all the data on your computer.
There is really no excuse for people being tricked this way. The first documented case of a ransomware attack appeared in 2005. Everyone should know that the threat of a viral attack on a computer is a constant and never-ending threat. But the greed for free car, the guaranteed secret to losing 10 kilos, or scandalous pictures of your favorite celebrity or politician is apparently too hard to resist.
All it takes is common sense. E-mails from a person or organization you never heard of should immediately raise high suspicion and should not be touched. If you get a sudden e-mail attachment from a trusted friend, contact them before opening. In fact, you should assume that all unexpected e-mail attachments are crooked. Careless use of a computer connected to the Internet is like carelessly walking down a dark alley at night. If you get mugged, you have only yourself to blame.