WHAT DO YOU NEED TO KNOW ABOUT RANSOMWARE…
“WannaCry”, the latest iteration of pervasive ransomware epidemic, became centre stage this weekend when it crippled 22 NHS trusts, and infected over 300,000 computers in 150 countries.
Ransomware targeted 50% of organisations last year and predications for this year are that enterprise targeted Ransomware attacks will be become mainstream, largely due to how unprepared organisations are for any such attack. You may be forgiven (if you read mainstream news stories this weekend) for thinking you are safe if you don’t have Windows XP, the operating system that is still in use the NHS. Nothing could be further from the truth. Ransomware hackers can exploit any operating system that is not up to date, and in the case of “WannaCry”, operating systems that do not always have all critical patches installed.
Just as pertinent, it is important to remember that RansomWare programmers, like all malware programmers and hackers, make judicious use of Social Engineering. By not recognising infected emails and website, users inadvertently download infected files onto their machine. This is one of the most popular ways for instigating an attack, which can result in your business being disabled for a significant chunk of time, and worst case scenario, permanent loss of data.
What can you do to protect yourself?
- Educate your users! – 51% of the worst security breaches last year were caused by human error. Cyber Wise regularly educates your users with courses and simulations and studies show that this reduces the chances or a successful attack significantly.
- Make sure all your devices are always up to date with the latest updates. If there are critical patches related to malware that are not in your updates, you are vulnerable to attack. Cyber Wise Active Health Monitor will actively patch and update your server systems as soon as they need it so you needn’t worry whether you are up-to date. It has been reported in the news that the patch for “WannaCry” became available two weeks ago but few users downloaded it!
- Always make sure your data is securely backed up. If you don’t have a regular backup or aren’t sure, make this a priority. It is by no means certain that if you are a victim that your data will be restored. In our experience over the last year, every client we have helped with an infection of RansomWare has had to restore their data from a recent backup.
- Install good quality end-point protection. Free anti-virus doesn’t cut it! Sophos End-Point protection, along with Sophos Intercept-X work seamlessly together to provide you with cutting edge protection. Intercept-X specifically is designed to stop RansomWare in its tracks.
- Talk to us about best of breed technologies and strategies to protect your business. We are delighted to report that none of our Cyber Wise Subscribers have fallen victim to Ransomware in 2017, due in no small part to our commitment to training, education and the best possible business solutions.