Ransomware: top 10 tips to protect your business
By Charlotte Margree • 19 May 2017
Cyber apocalypse averted, it's now time to take stock of last weekend's global Wanna Decryptor ransomware cyber-attack, and work out how you can make sure your business doesn't end up in the same state of crisis as the NHS did.
How the NHS fell victim to ransomware
It was no secret that the NHS was vulnerable to attack. UK defence secretary Michael Fallon has said the NHS was warned on "multiple occasions". The NHS's own head of security, Dan Taylor, last year highlighted the risks of unsupported operating systems and reduced funding. And ransomware attacks are nothing new for the NHS. Even before this weekend's attack, around 30 NHS trusts in England had already been held to ransom by cyber blackmail.
Dan Taylor highlighted seven known data security challenges in the NHS:
- Unsupported OS browsers
- Inappropriate staff training
- Poor leavers, movers and changes processes for staff
- Too many privileged system accesses
- Significantly reduced investment funding
- Limited situational awareness of cyber preparedness locally
- Social engineering - sophisticated spear phishing
In this instance, it was the NHS's failure to apply the March Windows OS update that left them exposed to Wanna Decryptor. Unfortunately, this is unlikely to be the last of such attacks on the NHS.
What is ransomware?
Ransomware is used by blackmailers to demand payment from their victims in return for the release of their hijacked computers or systems. It can spread in many ways such as a link in an email or PDF, or a password-encrypted ZIP file which contains a PDF. These emails are sent under various guises, such as fake invoices, job offers, security warnings and undelivered email. Basically, the blackmailers encrypt your files so you can't access them, then demand payment for the encryption key.
Our top 10 tips to protect you from ransomware
- Make sure you run any updates for your operating system or applications including Java. Updates don't just provide extra functionality and fixes, they provide important security updates to help you keep ahead of cyber criminals.
- If you are running unsupported operating systems, you need to upgrade them. They no longer get security patches, which means you're vulnerable to cyber attack.
- Run anti-virus on all your devices. Again, make sure it's up to date and runs regular scans.
- Disable macros in Office applications. They are often used in ransomware attacks in the guise of documents downloaded from the internet. In Office 2016, you can limit the functionality of macros by blocking them from being enabled on documents downloaded from the internet.
- If you receive any emails from unknown senders, try and verify their sources before opening attachments or clicking on a link.
- Look at the file extensions of suspicious attachments. It could spell bad news if it doesn't resemble a normal extension (for example, .docx) or has multiple extensions (like .avi.exe).
- Perform regular backups of your systems and test restores. In the unlucky event you're caught up in an attack, make sure you can recover your documents without being held to ransom.
- Make sure passwords are regularly changed. Don't use the same passwords in a row, and strengthen them by including numbers and special characters.
- Ensure that you only connect to credible WiFi points. Some people purposely don't password protect their WiFi so they can try and gain access to your devices.
- And finally, make sure you train your staff about good IT security.
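The file-extension tip in the list above can be applied automatically, for example in a mail-triage script. The following Python is an added example, not part of the original article; the extension lists and the function names `split_extensions` and `triage_attachment` are assumptions chosen for illustration.

```python
import os

# Illustrative lists (assumptions); tune them to your own mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd",
                   ".js", ".vbs", ".wsf", ".hta", ".lnk", ".jar", ".ps1"}
EXPECTED_EXTS = {".docx", ".xlsx", ".pptx", ".pdf", ".txt", ".csv",
                 ".png", ".jpg", ".zip"}
# Harmless-looking extensions commonly placed before the real one.
DECOY_EXTS = EXPECTED_EXTS | {".doc", ".xls", ".avi", ".mp4", ".gif"}


def split_extensions(filename):
    """Return every extension in the name, lower-cased, final one last."""
    name = os.path.basename(filename.replace("\\", "/"))
    # Windows drops trailing dots and spaces, so "a.exe." is saved as a.exe.
    name = name.strip().rstrip(". ")
    exts = []
    while True:
        name, ext = os.path.splitext(name)
        if not ext:
            return exts
        # Padding spaces ("invoice.pdf      .exe") push the real extension out of view.
        exts.insert(0, ext.strip().lower())


def triage_attachment(filename):
    """Return the reasons a name looks suspicious; an empty list means none."""
    exts = split_extensions(filename)
    if not exts:
        return ["no extension"]
    final, reasons = exts[-1], []
    if final in EXECUTABLE_EXTS:
        reasons.append(f"executable extension {final}")
        if any(e in DECOY_EXTS for e in exts[:-1]):
            reasons.append("multiple extensions hiding an executable")
    elif final not in EXPECTED_EXTS:
        reasons.append(f"unexpected extension {final}")
    return reasons


if __name__ == "__main__":
    # Constructed sample attachment names, not taken from a real campaign.
    for sample in ["invoice.docx", "holiday.avi.exe", "report.v2.docx",
                   "Invoice.PDF      .EXE", "payload.exe.", "scan.xyz"]:
        print(f"{sample!r}: {triage_attachment(sample) or 'ok'}")
```

A name such as `report.v2.docx` is not flagged, because only the final extension decides whether the file is executable.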
Summary: what to do when opening emails
- Check the email address to see if it's coming from a credible company. Don't just trust the branding or content of the email.
- Ask yourself 'was I expecting this email'?
- Look but don't click. Hover your mouse over the link; if it doesn't look right don't click on it. If you want to test it, open your browser and type it in.
- Watch out for multiple grammar errors. Many legitimate emails are properly checked for grammar and spelling mistakes, but occasionally, one or two might get through. If there are a number of them, this could be a warning sign.
- Don't give out any personal information.
- Use an email security and spam filter to lessen your exposure to bogus emails.