How to avoid a cyber attack: Malware and ransomware explained
Malware is a general term that refers to software that is harmful to your computer, says Professor John Villasenor, of the University of California, Los Angeles. Ransomware is a type of malware that takes over a computer and prevents users accessing data until a ransom is paid.
HOW DOES YOUR COMPUTER BECOME INFECTED WITH RANSOMWARE?
In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails.
"The idea is to try to trick the victim into running a malicious piece of code," says Jerome Segura, a senior malware intelligence researcher at Malwarebytes, a San Jose-based company that has released anti-ransomware software.
"The age-old advice is to never click on a link in an email."
* UK hospitals turn away patients after cyberattack cripples computers worldwide
* New Zealand unaffected by global cyberattack 'at this time' as police take precautions
BUT HOW DOES IT WORK?
"Ransomware, like the name suggests, is when your files are held for ransom," says Peter Reiher, an adjunct professor at UCLA who specialises in cybersecurity.
"It finds all of your files and encrypts them and then leaves you a message. If you want to decrypt them, you have to pay."
The ransomware encrypts data on the computer using an encryption key only the attacker knows. If the ransom is not paid, the data is often lost forever.
Segura says that in most cases, the attackers change the wallpaper of the computer and give specific instructions about how to pay.
Most attackers demand up to $US500 ($729) to remove the malicious ransomware. The price can double if the amount is not paid within 24 hours.
HOW CAN PEOPLE PREVENT ATTACKS LIKE THIS?
Users should regularly back up their data and ensure security updates are installed on your computer as soon as they are released. Up-to-date back-ups make it possible to restore files without paying a ransom.
Friday's global cyber attack exploited vulnerabilities in some versions of Microsoft Windows. Microsoft has released software patches for the security holes, although not everyone has installed those updates.
Users should look for malicious email messages that often masquerade as emails from companies or people they regularly interact with online. It is important to avoid clicking on links or opening attachments in those messages, Villasenor says.