A cyberattack that began last Friday on computers in 150 countries has reinforced the need for organizations, including churches, to be vigilant in maintaining online security.
Malicious software called WanaCrypto0r 2.0, or WannaCry, infiltrated computers around the world with ransomware, a type of malware that essentially takes over a user’s data and demands payment for its release. Pinpointing a flaw in Windows systems, it caused chaos for organizations such as FedEx and the United Kingdom’s National Health Service.
The virus was finally stopped, accidentally, by a 22-year-old cybersecurity researcher who didn’t go to college and still lives with his parents.
Don’t have to click on a phishing scam
Phishing emails serve as the primary delivery system for malware. You may get an email that looks like it’s from your boss. But, once you click on the attachment the virus enters the system. From that point, all computers in that network are in danger.
Bill Eastwood, chief information officer for the Georgia Baptist HealthCare Ministry Foundation, says diligence remains the key.
“You must protect yourself. The people who develop these programs are clever. They know what type of interesting stories you may click on Facebook or another site you frequent online. You may even get a warning on your screen that your computer has been infected but can be fixed by calling them. They’ll ask for $200-$300 to fix a problem that isn’t even there and be gone before you know it,” he asserts.
Malware works through an individual’s contact list or computers in a network, such as those in a church office. The key, Eastwood drives home, is maintaining property security.
“If your virus software is up to date, you should be fine. Key ways to stay safe include using firewalls, virus protection, and malware protection software.”
The beginning of last weekend’s attack came earlier this year. At that time, the USA’s National Security Agency spotted a vulnerability in Microsoft’s software. Microsoft developed a patch almost immediately. However, computers that had not been updated remained vulnerable. On May 12 the company took “the highly unusual step of providing a security update” for all Windows customers.
According to Techworld, options for those already infected with ransomware are limited. Essentially, it’s pay or don’t pay. If you don’t pay, begin rebuilding from what you had backed up before the attack.
Churches can protect themselves through updating their computers daily, says Eastwood. However, another danger often goes unnoticed. Free wifi in public places like coffeeshops is convenient, but has its own set of dangers. Those wanting to exploit the openings have no qualms about it being a church setting. Eastwood suggests churches add a code for attendees wanting to use wifi, rather than make it openly available.
Shoring up cybersecurity is a lot like shopping for insurance. You hope you don’t need it, but are glad you have it when you do. Various companies offer different levels of protection.
“Go out and see what’s best for your church,” advises Eastwood. “There are free versions, but you only get the basics and they aren’t updated automatically and won’t catch everything.”