Say the words genuine software to any Sri Lankan and the chances are you’ll get the classic head-to-toe, toe-to-head look. This is because, as Sri Lankans, we have grown accustomed to free goodies, be it food, travel or in this case software. While there are people who would use free and open source software (FOSS), there are a majority of people who still use illegal pirated software (commonly referred to as “cracked” software).
The perils of not using genuine software
On one hand it makes sense. Sri Lanka is still a developing country and the thought of paying around LKR10,000-15,000/- for genuine software is not really within the common man’s budget. So they would do what anyone faced in this situation would do: they turn to the internet or their friends to get a so called cracked copy of whatever genuine software they want to use. This is where the problem starts.
According to a survey carried out by the International Data Corporation in the year 2013:
- 36 percent of downloaded pirated software includes malicious malware.
- 20 percent of pirated CDs and DVDs infect the host PC with malicious malware.
- 15 percent of software coming through normal delivery channels is improperly licensed or infects host PCs with malicious malware.
While these numbers may not seem like much, this was 4 years ago and since then, new threats have raised their ugly head. Take for example, the Wannacry and Petya ransomwares. These ransomware affected over 100 countries within a few days. Once infected with the ransomware, the infected computer’s files will be locked and encrypted. The only way one could gain access again would be to pay the ransom asked (hence the name).
Exactly how much was the ransom? Well the demand was $300 in bitcoin. Once affected, a pop-up window would appear with instructions on how to make the payment. This pop-up also features 2 clocks. One clock would display the 3-day deadline to pay the ransom. If payment wasn’t made in 3 days, the ransom amount would double. The second clock was more deadly as it showed a countdown. As the countdown reached zero, the infected PC’s filed would be deleted forever.
If you didn’t have $300 in bitcoins to pay, an alternative method would have been to format the PC yourself and reinstall everything from scratch. If you had by mistake kept important files in your primary partition or your desktop, then those would be deleted too. Overall, this ransomware indeed would make a person “wannacry”.
Why are PCs vulnerable to these Ransomware?
(Un)surprisingly, the number one reason for PCs to get infected by these ransomware was that they were running outdated version of Microsoft Windows. This was the perfect opportunity for the ransomware to strike. Because these PCs weren’t updated with the latest security updates, they were left vulnerable to attack. This also goes to show you the disasters that are waiting to happen if you’re not running genuine software. Because the software is pirated, they cannot authenticate themselves online to receive the latest updates. Hence they are susceptible to attack.
While the attacks seemed to be only targeting Microsoft based systems, there were a few reports of Linux systems getting attacked as well. Overall, if you were running any version of Microsoft Windows prior to the Windows 10 Creators Update, you were at risk and any similar systems connected were at risk as well.
How can I stay protected?
Well, for starters, you should refrain from downloading or installing unrecognized files. Ransomware often spreads via an executable file attached to an email, advertisements on torrent sites or is even downloaded when using peer-to-peer networks such as torrents.
Install genuine software
Probably the most important thing you can do to protect yourself is to ensure that you’re installing genuine software. In addition to providing an extra level of security, you are also eligible for frequent security updates and patches, which you don’t get with unlicensed software. Furthermore, apart from installing genuine software, you should obviously also keep it updated. There’s no point running a genuine version of a 5-year-old software application when you can update it to the latest version. This includes keeping your web browser, operating system, and even your antivirus software updated.
Keep yourself updated as well
As newer and more complex threats rear their ugly heads, it’s of the essence to stay updated, both in terms of your own knowledge and the security of your systems. If you hear about a threat, go online and search for it. Online forums are a veritable goldmine for information such as this and can help you stay safe.
Always ensure you’re running genuine applications and that they’re always up to date. Remember the golden rule: “An ounce of prevention is worth more than a pound of cure”.