WannaCry – the public now know what ransomware can do
Disruption from Friday afternoon and over the weekend has been ‘unprecedented’. In the UK the big impact appears to have been felt by the NHS and this has brought it into the public domain with all of the associated press coverage. Ransomware should now be something that most people are aware of and hopefully they can look at ways to protect their computers.
The attack was not specifically targeted at the NHS and as the weekend rolled on and turned into Monday it became apparent that the attack was worldwide and included a number of US, European and Russian organisations and businesses.
Many commentators are suggesting the person(s) who launched the attack was an amateur but my response would be that this should be of great concern to us all if an amateur can get an attack to spread so rapidly and impact on so many machines. Also some are suggesting that the code of how to launch this attack was stolen from a US security agency (still think its an amateur?) and this agency had known about the security weakness in Microsoft Windows for some time but not reported it to Microsoft.
Microsoft did release a patch in March to resolve this but obviously not everyone had applied this to their systems. Security patches are important to apply as soon as possible but as with all patches they need to be tested before they are rolled out across all machines. Some people will still recall the days when patches often caused the Blue Screen of Death (BSOD) making it more important to test every single patch but this is less of an issue nowadays.
There are several things that can be done to minimise the exposure to attacks and the impact of them should they get through (and also reduce the impact of BSODs).
- Have a good Internet Security product. A managed one is preferable because then you can leave the settings, monitoring, etc to experts
- If it’s not part of the internet security suite then have a next generation ransomware layer of protection
- Automated patching of 3rd party applications such as Adobe Reader, Java, Firefox, Chrome, etc. To update them all manually or when prompted is too time consuming. Some 3rd party applications are essential for day to day tasks but they are the most commonly used point of entry for attacks.
- Patch Windows (and other operating systems) regularly. Check at least once a week, even if the device is set to automatically apply updates. Some updates require manually intervention, a bit of a push or several attempts.
- Have a backup or three. Make sure your data is backed up off the computer and/ or server. Ransomware can lock locally connected USB flash drives and hard drives making them useless to recover from so both local and cloud (offsite) copies of the data is recommended. If you can create an image of your entire computer then this also helps should your operating system be damaged by a virus, ransomware or one of those bad patches that results in a BSOD.
If you would like to discuss security, patching or backups then give us a on 01653 908069.
Be Safe
Nick Teasdale
