You've all read and heard about the major ransomware cyber-attack which hit hundreds of countries. Lots of companies as well as hospitals have been impacted, with their computers and local network being compromised by a "ransomware" (you no longer have access to your documents, until you pay a ransom to the hackers).
Now, there is something I do not understand. From what I read, the hackers exploited a Windows security hole, which was discovered by the NSA. Also, it's said that Microsoft patched this hole some months ago. So does it mean that all these compromised computers were not patched? I don't understand how this is possible!
Firstly, Windows Update is turned ON by default. So all computers running Windows should be up to date, right? So how is it possible that so many computers were still not updated?
Secondly, it seems that it is mostly companies (and hospitals) which have been the target of this attack. And that is another point that I do not understand at all. I would assume that these kinds of sites are even more sensitized to security issues than individual people. Companies have system administrators, whose job it is to keep the computers and network equipment up to date. So I don't understand how they can be infected through a security hole which was already fixed.
Finally, I am reading all the recommendations from States, the media, etc., which are telling us that to defend against this attack, "we" must update our Antivirus / Security Suites. But this software already updates itself automatically! So what's this bullshit recommendation? It makes me think that the media are trying to sound clever, and be the ones which know first and best, and giving advice, without really knowing what they are talking about.
I am not saying that with an antivirus you are 100% safe, but with Windows Update ON, and an antivirus, there is nothing more that an individual can do.
If they want to give useful advice, they should tell people to install an antivirus, and be careful not to open e-mail attachments, and pay attention when Windows asks you to authorize (or not) an application to do something.
By the way, be careful folks. We can never repeat it enough:
- install an antivirus on your computer. There are free versions and subscription ones.
- don't open e-mail attachments, even if they come from a known contact (it's easy to spoof the identity of a sender).
- be careful of message boxes that Windows is showing to you. Most of the time, when an application is trying to do something particular, Windows will ask you whether or not to authorize this application to proceed. So be careful of these messages.