The BBC has reported there could be further ransomware attacks this week, following the global cyber-attack that saw 48 NHS Trusts, Hospitals and GPs’ surgeries become its most high profile victims.
It has taken an attack on an institution that serves to protect lives to propel ransomware onto our TV screens and newspapers – but ransomware has been around for some time and it doesn’t just target organisations the size of the NHS.
This article briefly covers what ransomware is, what happened in the attack and offers advice on how to protect your own systems – whether you are a large organisation, an SME or a solo business/operator running a single computer.
What is ransomware?
Ransomware is the installation you really don’t want – it’ll encrypt your files and you’ll be blackmailed in to paying a ransom for the recovery key. As users found out last week, when the ‘pay to unlock’ message pops up on screen – it’s already too late.
Ransomware can attack any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government department or healthcare provider – such as the NHS. 90% of infections come from users downloading malicious content in emails or from web sites.
Ransomware incidents increased rapidly last year and, like an earthquake waiting to happen, it was only a matter of time before an attack took place on the scale that has seen more than 200,000 victims in 150 countries – at least so far.
What happened in this attack?
This attack was by the ‘WannaCry’ virus which appears to have been built to exploit a Microsoft bug and therefore only infected machines running Windows operating systems prior to Windows 10 which is unaffected. The NHS was particularly affected as it still runs Windows XP in some Trusts – Microsoft stopped supporting XP in 2014.
Microsoft have released a fix for all operating systems affected by the WannaCry virus. Downloads are available from the Microsoft guidance pages .
Reports suggest that ‘WannaCry’ spread via a worm virus – which can move around a network by itself, looking for vulnerable machines. The larger the organisation still using such machines, the greater the number of machines at risk of being compromised.
Any large organisation running dated IT systems will have had an uncomfortable weekend.
How can you protect your systems?
Ascentor has written a series of articles with the theme of ‘ Back up – or pay up ‘. We believe that the most effective strategy to avoid being held to ransom by the cyber criminal is to regularly back up your data so you can restore files without having to pay up should you be infected.
You should also ensure that you protect yourself by running updates, using firewalls and anti-virus software and by being vigilant and using common sense when reading email messages.
Further Ascentor ransomware guidance specific to your organisation type can be found here:
But ultimately, having good backups in place is no excuse for not implementing good preventative measures in the first place to reduce the risk of infection.
Cyber security controls don’t need to be complex or cutting edge to be effective. We’ve covered a number of recommended basic measures in our blog article ‘ An ounce of prevention could be worth a ton of cyber attack cure ‘.
Worried about ransomware?
If you’d like to discuss the topic of ransomwarein more depth or any aspect of IA and cyber security, please contact Dave James, MDat Ascentor.
Email: [email protected]