Thoughts on data security under the threat of ransomware

Introduction

On May 12, the WannaCry ransomware broke out globally. In just 24 hours, it swept through more than 150 countries around the world at lightning speed and infected more than 300,000 people. computer. Joint monitoring by the National Computer Virus Emergency Response Center also found that a "ransomware" similar to WannaCry has appeared abroad. It will encrypt victim users' files and rename them. The new file names will have the ".UIWIX" suffix; the center has not yet collected Reports of infections among domestic users have been reported, reminding the country to be more vigilant.

The booming development of the Internet era has brought convenience and future expectations beyond imagination. At the same time, it has also inevitably increased the risk of leakage of personal data and privacy. This ransomware incident also exposed the importance of data security, and the world was plunged into panic. Reuters also cited data saying that ransomware variants are spreading rapidly at a rate of infecting 3,600 computers per hour. In China, many corporate intranets and even private networks are not immune. Many industries such as medical care, enterprises, electric power, energy, banking, and transportation have been affected to varying degrees.

Reflections on data security under ransomware: How to avoid the next cyber attack?

At the same time, in the interconnected cyberspace, the public has always had great doubts about its security. From the security of personal privacy data in life to password management, there is also a high risk of information exposure; as big as it affects the whole world. The WannaCry ransomware virus has brought us in-depth reflection on network security and data security issues. A common example in daily life is that most people use the same email account and password to register and log in to multiple platforms. Although it saves the trouble of setting different passwords, such users are at high risk of personal information being exposed. group. The following two steps can improve the security management of personal privacy information.

step one:

Use Have I been pwned? to check whether your account, email, and password are at risk of being stolen

If a red "Oh no — pwned!" appears, it means that your email account and password files have been leaked. The number in the sentence "Pwned on xxx breached sites" is the number of websites that are suspected of leaking passwords. The names of websites and related events that have leaked passwords will be listed below the website.

Step 2:

Use the password manager KeePass (or other similar password managers). KeePass is used to safely generate and save your various passwords on the Internet. You only need a key to unlock KeePass, and you can use KeePass to store it. password.

You can save the login URL of the registered website, including user name, password and notes in KeePass. The password can be generated by KeePass for you by setting conditions (such as setting it to contain uppercase letters, lowercase letters, special symbols, and several digits). wait). You can save the KeePass Database in Nut Cloud, so that you can use your key (KeePass password) to open the "safe" on any device, including mobile devices, and view and use the passwords of all accounts. The reason why Nut Cloud is recommended here is also due to security considerations. Nut Cloud uses two-step verification to log in. You can choose WeChat, mobile phone or Google authenticator for identity verification. In addition, military-level transmission and storage encryption can also ensure the security of personal data.

Many media and professionals have put forward suggestions on how to deal with ransomware viruses. Here, the author also proposes several good habits to protect the security of personal and corporate data. I hope to nip it in the bud and avoid another network crisis. .

Step 3:

You should always backup your data safely and back up important data in the cloud. You can use high-security synchronization network disks such as Nut Cloud and Dropbox. If you still have concerns about data storage in the cloud, you can use third-party encryption software such as Boxcryptor to encrypt confidential files in the cloud and locally. Encrypted files can only be accessed after being unlocked by Boxcryptor. No one else can access the encrypted files, whether it is third-party organizations, cloud service providers, or even if user data is stolen. Double-layer encryption ensures the highest security of files.

Reflections on data security under ransomware: How to avoid the next cyber attack?

Step 4:

Regularly upgrade Windows, macOS, iOS and other operating systems to the latest version, turn on automatic system updates, actively detect updates and install them; resolutely stop using Windows XP, Windows 2003 and other operating systems that Microsoft no longer provides security updates.

Step five:

Do not click on unfamiliar links, do not download unfamiliar files, and do not open unfamiliar emails. Preventing dangers before they happen should be implemented from small and usual places to improve personal safety awareness.

Ransomware malware has also brought new challenges to domestic and even global network security. This incident also shows that China does not pay enough attention to data theft and advanced persistent threats. From the individual to the corporate to the national level, this incident has taught the entire Internet industry and the entire society a lesson, highlighting the importance of data security in the Internet era. You should take the initiative to improve security awareness, maintain security vigilance, and protect important data.

The above is the detailed content of Thoughts on data security under the threat of ransomware. For more information, please follow other related articles on the PHP Chinese website!