WannaCry Ransomware Attack – What Should you Learn?
We have mentioned the risks of ransomware numerous times in the past, highlighting how users and organisations should guard against the threats and adopt best-practices to mitigate the risks.
The WannaCry attacks, however, demonstrate a new and extremely dangerous threat as they combine the debilitating impact of ransomware with the self-propagating nature of computer worms.
Many of you will be aware that ransomware is a malware instance (or rather a multitude of variants) which encrypts the contents of a machine’s hard drive. Users are faced with a stark choice: ignore the warning and hope that their back-up procedure is effective, or pay the ransomware demand and trust that the criminals will decrypt their data.
Keep your software up-to-date
A huge number of Windows XP and Windows 7 machines were affected by the WannaCry attack.
In an unexpected move, Microsoft took it upon themselves to issue patches for even unsupported software, so it is imperative that these updates are installed and system administrators look to upgrade to more secure software.
You can download English language security updates for: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86 and Windows 8 x64 from Microsoft.
If your organisation is running PCs on Windows 8 or older (like over half of all Windows PCs), you should really look at upgrading to Windows 10. Akita can provide the required Microsoft licenses at cost, and can assist you with the upgrade if required. If this is of interest, please get in touch.
Educate your staff
The majority of ransomware attacks – and indeed most other forms of cyber crime – can be prevented by an informed and vigilant user base. Many instances of WannaCry occurred because company staff clicked on links supposedly from trusted sources.
Akita has written blogs on phishing scams and email scams in the past which may provide initial guidance to staff. Companies can also look to undertake the Government’s Cyber Essentials training which Akita can assist with as required.
Improve your antivirus
The cyber threat level is rising and most pedestrian antivirus solutions will not provide protection from viruses such as WannaCry. Akita now promotes antivirus solutions with specific ransomware protection capabilities, and it’s advisable for any business that may find themselves at risk.
Invest in a security review
Strong security measures are imperative, not just on servers and hard drives but on all parts of your network. With Ransomware attacks now using worms to spread, this remains crucial to protect your business. Having a full assessment of you IT infrastructure and procedures can highlight unconsidered risks.
Are your staff able to connect USB devices to your machines that might contain viruses? Which devices have access to sensitive data? And which staff connect to work IT systems (such as email) with their mobile phone? If you can’t answer these questions you should consider a security audit.
For more information on ransomware protection and general IT security improvements, please get in touch.