What is “WannaCry” Ransomware?
You have probably heard of the recent “WannaCry” ransomware attack that has affected over 200,000 victims in over 150 countries over the weekend.
Ransomware is typically hidden in a file attachment or a link within an email. The email appears to be legitimate, but urgent to catch your attention. Examples are invoice notifications, account summaries and bill payments.
Upon opening the file or following the link, ransomware will access your hard drive and begin encrypting files. Once encrypted, the files are held “at ransom” and payment is expected to unlock them. Ransomware is not limited to computers and can also attack other devices such as smartphones and tablets.
The “WannaCry” virus has been widely covered in the media because it has affected significant organizations within multiple countries. The “WannaCry” virus is not the first ransomware attack and it certainly will not be the last. Hackers are learning about the vulnerabilities of systems and end users to improve their attacks while making it increasingly more difficult to detect malicious content.
Reports of ransomware targeting large corporations, government agencies and hospitals are common – but as an IT company we have also seen attacks on small businesses across Canada. Regardless of the size of the company, when ransomware strikes companies are faced with loss of productivity, loss of revenue and expensive costs.
Unfortunately, once a company’s files are encrypted by ransomware, there are only two options; either pay the ransom or forfeit your files.
How can I protect myself from Ransomware?
Today, there is still a shocking number of businesses that do not take security seriously. Many companies think of security as an afterthought, only worrying about the effects of a cyberattack after it has already happened.
If you are ready to secure your systems, here are some very important questions to ask yourself:1
Are you using a supported operating system?
Organizations with old or unmanaged systems are at the highest risk for a security breach. Windows XP and Server 2003 (or earlier) operating systems are now unsupported by Microsoft and are considered obsolete. If you are using any of these operating systems, you need to replace them with a supported OS.
Are your patches and updates current?
Did you know that Microsoft released a patch to combat a threat like the “WannaCry” virus approximately two months ago? What this tells us is that many businesses are not keeping their patches up-to-date. The reality is that you cannot trust your end users to manage their own security patches and updates. Having an IT professional managing and overseeing your security updates on an ongoing basis helps to prepare a defense against attacks like the “WannaCry” virus.
Are you running updated anti-virus and anti-malware protection on all devices?
Make sure your systems are protected by viable anti-virus and anti-malware products such as Symantec, Sophos or McAfee. Once you have protection, make sure that the software is up to date. Each of these security updates includes protection against the newest and most threatening strains of viruses that are released on a daily basis.
Do you run backups?
If you are not backing up your devices, you need to start now. There are countless proven advantages to backing up your system including protection against ransomware. Maintain frequently scheduled backups to keep a recent copy of your files. This will allow you to recover the encrypted files instead of paying the ransom. With backups, you can restore your system to a time before the ransomware infected your device(s).
Are you backing up your devices often enough? The easiest way to answer this question is to ask yourself; how often does your data change? Is it daily, hourly or by the minute? How important is it for you to have the most up-to-date version of your data? Learn more about the cost of data availability gaps here.
Spread the Word
Are you and your end users familiar with the warning signs of malicious content and how to handle this content when presented with it? Read this blog on how to spot emails that may contain malicious content or ask your IT service provider for training on how to spot the dangers.
Should I pay the ransom?
If you have been infected by ransomware and are considering paying the ransom, unfortunately there is no guarantee that the affected files will be released once payment is received. The individuals who are deploying ransomware are cyber criminals. Trusting the criminals responsible for hijacking your data is dangerous and not advised.
If you are targeted or fall victim to malicious content, you can report a cyber incident here.
If you’re still not confident that your systems are ready to face an attack from malware or ransomware, contact your IT service provider to request a security audit.
An IT Professional can help you identify vulnerabilities and run ongoing monitoring and maintenance to ensure your systems are always up to date.