A global cyberattack using malicious software to solicit ransom money from unsuspecting computer users is the "biggest in history", according to Professor Basie von Solms, Director at the Centre for Cyber Security at the University of Johannesburg.
At least 200,000 victims in over 150 countries have been hit since the "unprecedented attack" began on Friday, according to the European Union Agency for Law Enforcement Co-operation (Europol). The ransomware, which is a form of malicious software or malware, has so far only gathered $42,000 in payments from 100 users, while the hackers are still at large, The Guardian reported on Monday.
The software, named WannaCry, was stolen by hackers from the United States' National Security Agency (NSA) and reported publicly earlier this year, according to Brad Smith, Microsoft's president and chief legal officer. Smith criticised the "stockpiling of vulnerabilities by governments", saying information about holes in operating systems held by state agencies have "shown up on WikiLeaks" and is an "emerging trend in 2017".
He says Microsoft released a security update on 14 March in anticipation of the attacks, but millions had yet to download the patch. The attack was a wake-up call and "demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers", he wrote on Microsoft's blog.
A U.K. researcher by the name MalwareTech managed to curtail the spread of the malware after he discovered a web domain used by the hackers had not been registered, according to Forbes. He subsequently registered the site for approximately $10 and inadvertently halted the WannaCry operation in light of a technical oversight on the part of the hackers, Forbes reported.
Despite this gain, Europol says the threat is still ongoing, especially as people switch on their computers at the start of the working week.
Forbes
Steps to prevent malware infections on your computer
Von Solms told HuffPost SA "millions and millions are at risk". He says, however, that steps can be taken by users to prevent becoming victims to attack:
1. All computer users must install proper anti-virus software.
"This is the crucial first step in protecting yourself," he says. While anti-virus software won't necessarily protect users from all potential attacks, up-to-date protection is the first, critical line of defence, he says.
2. Download software updates
"Microsoft releases new patches, or software updates, regularly. It is important users keep up-to-date. Had those who had been attacked by WannaCry installed Microsoft's patched, they would have been protected," says Von Holms.
3. Back-up your data/files
"Many companies are hacked by ransomware now. If they have a proper, comprehensive backup of their data, it won't impact them if they are hit because they can restore their data from another source and continue operations. Many people before Friday didn't backup their data which is why some have paid the ransom to avoid losing their files".
Data can be backed-up to the cloud, including websites such as DropBox or Google Drive, or to alternative hard drives.
4. Be careful with your clicks
"People need to be aware of how the attacks work. If you receive an email from an unknown sender containing something that looks like an invitation, invoice or something else, make sure it's from a trustworthy source before you click or download," he says. If the attached item or link contains malware, it will infect your system and put you at risk, he says.