Protect your organisation from the WannaCry ransomware attack

On Friday, 12 May 2017, a cyber attack began which is now being heralded as the largest ransomware offensive in history. Large companies including FedEx, Renault and Peugeot were compromised as was the National Health Service (NHS) in the UK. By Saturday, it had spread to approximately 100 countries. But for those of us who aren’t well versed on computer and internet malware, viruses, and ransomware what does it all mean?

The virus that is causing so much damage is called WannaCry or some variation of that. It spreads through a vulnerability in MS Windows which is widely believed to have been discovered by intelligence services and used to obtain information covertly. The ransomware was likely built from NSA information leaked in 2016 by hackers and is now being used to shut down any system it infects and then demand payment from the user. The virus will lock down (encrypt) all documents, files, videos, pictures, everything it can and demand a payment from you.

The vulnerability existed in former versions of Microsoft Windows, even those which had support discontinued. If you use MS Windows XP, 2003, Vista or 2008, which many organisations still do, update it now by downloading and installing this patch. Instruct all your staff to ensure they have done the same.

If you use MS Windows 10, you are not vulnerable.

The virus can be spread by an email, or an email attachment. But, unfortunately, it doesn’t end there. If your network becomes infected then all devices accessing it could be infected and any infected network could infect your device.

If your device becomes infected you’ll know it because you’ll see something like this. If infected, cut off communication from the device to the internet or network immediately. Turn off WIFI on your computer, remove ethernet cables, or. Cybersecurity companies are working right now on a solution so watch the web for more advice on another device. Don’t pay the ransom. There are reports that the hackers simply demand more money from those who pay.

If you haven’t yet experienced the attack here are 5 tips for good cyber safety that you can practice right now:

1. Update all your devices. Make sure system updates have been implemented. Have you recently disconnected automatic updates on your computer, telephone, Smart TV, or Smart Watch? Remember to check it weekly.

2. Do not plug flash disks, insert CD/DVD/SD cards, or connect cameras or telephones to your devices or network from sources not known to you.

3. Even if the virus does not come through phishing or attached files, it is of utmost importance never to accept and open files from unknown sources. NEVER.

4. Look at emails more closely than usual. It is a good habit to verify the identity of the sender. Many phishing and malware emails are sent with addresses that look like one you will know, like, for instance bobl.smith@saferedge.com or bob.smith@saferedje.com. If you read it quickly or just glance at it you will not note the difference. It is possible to make your email more secure by using PGP encryption and verification. A simple guide for that can be found here.

5. Plan ahead. One of the things which was so crippling to the NHS was that it was unprepared for an attack of this sort. Imagine if all your organisation’s computers were now being held for ransom and you could access none of your files. How would you respond? What would you do to recover?

It’s likely that cyber attacks will continue and become more sophisticated. Users will need to become more savvy and the time to learn and implement cyber security is now – not when you’re attacked.

Need your staff to know how to protect themselves? Our digital security e-learning course is the answer. Drop us an email and we'll let you know more: operations@saferedge.com.