By now the WannaCry ransomware has been in the wild for around 5 days. Reports vary on how many countries have been affected, and how many computers have been affected, and which industries have been most affected etc etc. There is a common thread amongst most of the 50,000 articles you’ve likely already read regarding this particular attack, though – this is one of the best (or worst) examples of modern cybercrime in recent history.
A quick rundown – WannaCry (or WannaDecryptor) is malicious software that affects Windows machines that have not been keeping up-to-date with their security patches (Mac users appear to be safe at this stage, though it is likely that a variant of the software will be created to affect these also). The impact is that many, if not all, of your personal/business files, can be encrypted (made unusable/unopenable) permanently if you do not either pay the attacker or restore from backup.
A few months ago we wrote an article about what steps you can take to protect yourself and your company against such ransomware attacks. Of the suggestions we made, there are 2 in particular that I want to draw your attention to in light of this most recent attack.
- Keep things up to date. This attack only affected machines that had not deployed a security patch released by Microsoft in March. Windows XP machines were also affected since they no longer receive patches (being out of support since April 2014…3 years ago). If you’re still running XP – shame on you. Also, give us a call – we can help you out with that.
- Backup your data. I cannot stress this enough. Regardless of how much thought, time and money you put into maintaining best practices when it comes to security, there is still the risk of malware affecting your business. In some cases, restoring from backup is your only option. Paying out these ransomware vendors only feeds the industry and makes it more likely for trickier and nastier variants to be coming your way in future.
What makes this particular attack so scary is that it is primarily spreading in a way that doesn’t require the ill-informed actions of an employee to deliver its payload. It is spreading via the SMB protocol (a network file sharing protocol implemented by Mircosoft Windows).
At the end of the day, Malware vendors and hackers are getting smarter, and we need to keep pace. If you’re worried about your company’s security posture don’t hesitate to contact us today.
If you’re looking for consultancy services on your company’s security policy, contact Starboard IT to find out what we can do for you.