In a world where hardly a day goes by without breaking news about some or other cyber security breach costing the victims millions of pounds, countless lost man hours and severe reputational damage, even a small business can no longer ignore the threat.
Malware refers to malicious software that accesses a user’s computer system without his or her approval and often without their knowledge.
It has become a serious threat and a real danger to businesses large and small because it enables cyber criminals to gain access to crucial company data, such as employee security numbers, operating systems, sales data and other financial records. Spyware, Trojan horses, worms and viruses are all examples of malware.
As you know, thousands of organisations in the UK and overseas have been caught out by a ransomware attack called WannaCry, also known as WanaCrypt0r 2.0 and WCry. The malicious software locks data and then demands payment of up to $300 (£230) in Bitcoin, a demand which doubles in 3 days, before it will restore locked files. Some security experts warn that there is no guarantee that full access to locked files will be granted even after a payment has been made.
WannaCry seems to have spread via a computer virus known as a worm; once inside an organisation, it hunts down vulnerable machines and infects them too. This explains why its impact has been so public – because large numbers of PC’s at each affected organisation have been compromised.
Infections have been reported by security firms in more than 150 countries and Mikko Hypponen, chief research officer at Helsinki-based cybersecurity company F-Secure, called the attack "the biggest ransomware outbreak in history”. So far.
Why has the NHS been affected so badly?
In the UK, many hospitals have fallen victim to this ransomware attack with staff being forced to fall back to pen & paper and to use their own mobile phones after the attack affected their key systems.
There could be many reasons why the NHS was so badly affected. The most likely is because it’s a huge organisation, supported by a very large IT infrastructure which has lots of partners and suppliers connected to its core network.
It’s fair to say that complexity is an enemy of security and elements of the NHS network, especially those operated by suppliers, may not have been as well maintained as they could have been. Patches that would have protected systems from WannaCry clearly had not been applied. So, as soon as the worm got in, it was allowed to run riot.
Am I at risk from Ransomware?
The WannaCry virus only infects machines running Windows. If you have not been updating Windows, or are still using old unsupported versions such as Windows XP, then you could be at risk. Especially if you do not take care when opening and reading emails.
You can protect yourself by running updates, using firewalls and anti-virus software and by being very wary when reading email messages. Taking a backup of key data, which can be restored without having to pay up should you be infected, is also a wise thing to do.
What has Microsoft done to help tackle this?
Microsoft issued a patch to protect Windows users on March 14. Last Friday, a Microsoft spokesman said it had provided additional protection against the WannaCry malware and that its engineers were also working with customers to provide further assistance. GCC customers will have had the patch issued to their PC’s as part of their desktop support service.
The Microsoft spokesman reiterated that customers who have Windows Updates enabled and who use the company's free antivirus software, Microsoft Defender, are protected.
Can these infections be stopped?
Unfortunately, not really. No protection can ever be 100% perfect because organisations are run by people and people make mistakes. Cyber thieves rely on tricking email recipients into clicking links in their booby-trapped emails – a practice known as phishing – or into opening attachments to start off an infection.
How can I best protect myself from Ransomware?
The very best protection for you, both at work and at home, is:
- Keep your organisation's security software patches up to date;
- Use proper antivirus software services and, for any personal/home computers:
- Run Windows Update;
- Make sure your antivirus product is up to date and run regular scans;
- Most importantly for ransomware, back up the data that matters to you, because you can't be held to ransom for data you hold somewhere else;
- Be extremely suspicious of all e-mails, particularly those which ask you to open attached documents or click on web links.
If you need any further information from the GCC Helpdesk, contact us on 0845 260 1161.