We all do it: click “remind me tomorrow” when that notification pops up to install the latest software update. I mean, those little updates take forever and disrupt your workflow. You have to wait for it to download, restart, and then watch that progress bar mock you with a promise of “five minutes remaining” that you know will take at least three times as long.
So, you go get a cup of coffee, and come back and it’s still there… promising five minutes…
Fifteen minutes later, it finally finishes, and you can get back to work, cursing the time lost to a silly, insignificant update that you should have just clicked “remind me tomorrow.”
But putting off that update could cause far worse problems than a forced fifteen-minute break from work.
On January 10, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency released an alert urging the updating of VPN servers with a patch that can prevent a well-known vulnerability1. (Read the entire alert here.) Available since April, thousands of servers still remain unpatched, which allowed successful attacks by ransomware named Sodinokibi. These attacks, at best, caused disruptions of service2 and, at worse, had companies paying ransoms to regain their information3.
You might be saying to yourself, “I don’t deal with my server; why should I care?” That’s true… most people never have to even think about keeping their server updated (though it’s not a bad idea to reach out to your server host to make sure they are keeping your server up to date). But everyone who uses a computer is vulnerable to hacking, and one of the best ways to avoid an attack is to keep vulnerabilities to a minimum, and that’s where software updates come into play.
Software updates, whether to your computer or your handheld device, often contain patches to known vulnerabilities. Putting off these updates is like leaving your front door wide open with a big sign saying, “all are welcome.”
These are the top news results today when you search “software vulnerability” on google:
Doom and gloom, yes, but it also highlights how omnipresent this problem is. And not updating your computer doesn’t just affect you… when it comes to computer viruses, sharing is NOT caring. One vulnerable computer on your network can potentially expose everyone.
The Director of Software Development at Davin shared his thoughts on the dangers of not updating:
“Restoring a computer from backup can take hours and restoring your computer out of necessity is a bad time to find out that your backups are not current or have been corrupted by the hacker. In that case, future messages to update will be welcomed.”
Don’t leave your software update for another day. Eschew that “remind me tomorrow,” grab a cup of coffee, and let your computer update. It may just prevent a frantic restoring of your system that could take longer than that fifteen-minute update.
References
1. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. (2020, January 10). Continued Exploitation of Pulse Secure VPN Vulnerability: CISA. Retrieved January 15, 2020, from https://www.us-cert.gov/ncas/alerts/aa20-010a
2. Schwartz, M. J., & Ross, R. (2020, January 7). Patch or Perish: VPN Servers Hit by Ransomware Attackers. Retrieved January 15, 2020, from https://www.databreachtoday.com/patch-or-perish-vpn-servers-hit-by-ransomware-attackers-a-13583
3. staff, S. (2020, January 12). Albany International Airport: Christmas Day cyber attack did not affect operations. Retrieved January 15, 2020, from https://www.saratogian.com/news/local-news/albany-international-airport-christmas-day-cyber-attack-did-not-affect/article_d6eb574c-33e3-11ea-92c6-b356e2c42b00.html
Let Us Know What You Thought about this Post.
Put your Comment Below.