Article posted: May 18, 2017
By Joakim Thoren, CEO
Everyone is talking about the recent worldwide ransomware cyberattack, named WannaCry. The name is fitting: the attack was particularly vicious, shutting down hospitals and disrupting high-profile organizations like Telefonica, FedEx and Renault.
According to a recent ECNMag article, this was the "largest ransomware attack observed in history." Europol Chief Rob Wainwright added, "More than 200,000 victims have been hit in 150 countries as of last week."
So far, experts believe the WannaCry ransomware attack exploited a security flaw in Microsoft's Windows XP operating system, which was no longer supported by Microsoft (Microsoft did issue a full response and patches to address the situation, which can be found at https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/).
This particular ransomware attack was sophisticated in that it supported dozens of languages, and it spread quickly because the perpetrators used code supposedly developed by the US National Security Agency and leaked as part of a document dump, according to Kaspersky Lab.
The attack was unique because it combined ransomware with a worm function, meaning once one machine was infected, the entire internal network was scanned and other vulnerable machines were infected. Furthermore, the US security firm Symantec said the attack appeared to be indiscriminate.
There's always risk in running older operating systems that no longer receive mainstream security support. But organizations like hospitals, government agencies, and small- and medium-sized businesses (SMEs) often have no choice, as they rely on legacy applications that only run on older operating systems for daily tasks.
So how can organizations of all sizes protect themselves from future devastating ransomware attacks? We provide some key tips:
- First and foremost, educate all staff not to open links and attachments in emails unless they are from a trusted source and relevant to the employee's work.
- Always install security updates as soon as they are available.
- Keep all software up to date and require daily backups, so that lost files can be recovered with minimal losses.
- Patch the Server Message Block (SMB) vulnerability, enable firewalls, and block SMB ports or disable SMB completely.
- Use an antivirus program.
- Eliminate human errors and leaks by choosing multi-factor identification security methods over passwords to access corporate data.
- Never pay a ransom to hackers, as there's no guarantee they will honor your payment and release your files.
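One way to check the SMB and firewall tip above on a single Windows host, as an added example that is not from the original article or from Versasec. It assumes Windows 8 / Server 2012 or later (where these cmdlets exist) and an elevated session; the `-Apply` switch and the rule name are choices made for this example.

```powershell
# Added example: audit (and optionally fix) SMB exposure on one Windows host.
# Without -Apply the script only reports; with -Apply it changes settings.
param([switch]$Apply)

# 1. Is the legacy SMBv1 protocol still enabled on the server side?
$smb = Get-SmbServerConfiguration
"SMBv1 server enabled  : $($smb.EnableSMB1Protocol)"

# 2. Is Windows Firewall switched on for every profile (Domain/Private/Public)?
$profilesOff = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
"Firewall profiles off : $($profilesOff.Name -join ', ')"

# 3. Is there an enabled inbound rule that blocks TCP 445?
$blockRules = @(Get-NetFirewallRule -Direction Inbound -Action Block -Enabled True `
        -ErrorAction SilentlyContinue |
    Where-Object { ($_ | Get-NetFirewallPortFilter).LocalPort -contains '445' })
"Inbound 445 block rule: $($blockRules.Count -gt 0)"

if ($Apply) {
    if ($smb.EnableSMB1Protocol) {
        # Turns off SMBv1 only; SMBv2/v3 file sharing keeps working.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    }
    if ($profilesOff.Count -gt 0) {
        Set-NetFirewallProfile -Name $profilesOff.Name -Enabled True
    }
    if ($blockRules.Count -eq 0) {
        # Stops all inbound file sharing to this host. Skip this step on
        # machines that must act as file servers and restrict by source instead.
        New-NetFirewallRule -DisplayName 'Block inbound SMB (example)' `
            -Direction Inbound -Protocol TCP -LocalPort 445,139 -Action Block
    }
}
```

Run it first without `-Apply` across a sample of machines to see which ones still expose SMBv1 or have a firewall profile turned off before changing anything.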
To learn more about protecting your company's data and valuable assets, visit https://versasec.com