The WannaCry ransomware attack (also called WannaCryptor) has encrypted the data on more than 200,000 computers in 150 countries, with victims asked to make payments in bitcoin to regain access to their files.
WannaCry exploited vulnerabilities on older Microsoft operation systems, such as Windows XP. While Microsoft has released a patch that has slowed the spread of WannaCry, variations of the attack are within the realm of possibility.
To make sure you’re prepared, take the following precautions.
Avoid using outdated or unpatched hardware
Aging operating systems put your business at ever-increasing risk. When systems reach end of life, the manufacturer no longer rolls out security updates for those systems. These vulnerabilities leave your systems – and therefore all your business data – susceptible to being breached by attacks such as WannaCry. The National Cyber Security Centre recommends keeping hardware and software up to date with patches (i.e. bug fixes), which becomes increasingly difficult – and eventually impossible – the older the hardware gets.
If your IT staff don’t have time to apply updates in a timely manner, a managed IT service can provide assistance by monitoring your system settings around the clock and applying updates as needed.
Implement the right tools
If security tools are outdated or underpowered, it’s all too easy for ransomware and other malware to breach the perimeter of your network, even if you’re using anti-virus. This is why anti-virus must be part of a complete network security solution which includes intrusion detection and prevention, deep packet inspection, and port scanning and protocol inspection.
If you fall victim to an attack despite your best efforts, having current data backups is key to recovering your data without paying the ransom. While some businesses choose to pay the ransom to quickly regain access to their systems, security professionals strongly recommend against this approach. By paying the ransom, not only are you supporting a criminal enterprise, but there is no guarantee you’ll regain access to your files.
Follow cybersecurity best practices
While staying prepared for an attack will help mitigate problems when they happen, you can reduce the risk of an attack in the first place by following these best practices:
- Create secure passwords or passphrases including a mix of special characters, numbers and lower- and uppercase letters.
- Store passwords securely in a resilient password manager with a strong passphrase.
- Use a second method of authentication in addition to a password when possible.
- Lock your computer when you step away to prevent an unauthorised person from accessing the data and applications to which you have access.
- Check for phishing links by hovering over the link with the cursor. If the destination URL is different to the supposed sender’s primary domain or does not match the URL text in the email, treat the email as a phishing attempt.
- Use a virtual private network (VPN) when connecting to Wi-Fi networks outside the business.
Nearly 14 per cent of breaches were caused by errors in 2016, so following these basic security practices is a key part of reducing your organisation’s overall cyber risk.
What will you do differently to protect your business from ransomware in the wake of WannaCry?