WannaCry? Make sure your business isn’t affected…
Since initial outbreaks surfaced on Friday, there have been many news headlines highlighting the impact of the WannaCry ransomware cyber attacks and talks of a second string of the ransomware affecting systems globally. Over 200,000 systems are known to have been affected.
What is ransomware? Ransomware is generally an attack carried out by Trojans which have been downloaded to systems through websites, email links, attachments or a vulnerability in a network service.
Once a machine is infected files are generally encrypted so you cannot access them and you are presented with desktop backgrounds and/or popups informing you that your files have been encrypted. Along with this comes demands for a “Ransom” to decrypt the files, which is the “Ransom” in Ransomware. Some people are going to pay the ransom which will result in a decryption key being sent, but will it work? Remember this is a criminal act, so why would you expect this to work? It may, it may not… Hopefully you are not in a position to need to pay the “Ransom” as you haven’t been affected or have a known good backup of your files.
What can you do to minimise the risks?
Patch your machines and applications. Why do Microsoft and other software manufacturers release patches? Some patches are to fix bugs or add software improvements but critically they also release them to fix security issues in the products and close vulnerabilities which can lead to exploits occurring such as in this case.
Through our Managed Services Agreements, our clients using our RMM tools have their systems monitored and patched regularly ensuring that they are protected as best they can be with the latest OS updates and patches.
Antivirus / Endpoint Protection. Ideally Endpoint Protection as this provides a firewall which will in realtime monitor network traffic and potential attacks on a machine whilst also including Antivirus which will allow you to scan your machine for viruses. It also enables scanning detachable media such as USB keys which could be another source of spreading such malicious software.
We recommend ESET Endpoint Protection based on reports from our close friends at SE Labs, for more information on ESET products please get in touch or for information on our Managed Endpoint Protection offerings. See ESET’s KB article on the outbreak.
Backup, Backup, Backup!! It’s always the way, I was going to backup but…
Having backups of your files is key, even if you weren’t hit with malicious software, what would you or your business do if you lost all of your files through a failed hard disk? Or what if your only version of backup was on an external hard drive connected to the machine that was encypted by CryptoLocker or WannaCry etc.. and gets encrypted also? …Doh!
Cloud backup is the way forward, not only does it mean that your files are kept offsite so you are protected against losing all of your data through fire or theft, but with solutions offering versioning of your backups, this means that even if the latest backup version is a copy of your maliciously encrypted files, prior versions should be orginals.
We resell several products in this arena to fit different purposes, each tested and checked to ensure they are fit for purpose and meet several other requirements such as those falling under the new GDPR regulations coming into affect in 2018.
Whilst the above involve investment or services, one of the most important things is to be vigilant and think about what you are opening, downloading or browsing before doing so. Do you recognise the sender of the email you are about to download a file from? Does the email format look like the normal emails from Apple, Amazon etc… See our video on how to spot phishing emails, the same applies to malicious emails.
So… Protect yourselves, Backup and stay vigilant.
Info@sbsit.co.uk or 0203 397 5940