On Friday, May 12, 2017 a massive ransomware attack was launched affecting computers worldwide. Ransomware attacks typically rely on unsuspecting end users clicking on a link or an attachment which launches a program that encrypts (locks) all of the files a user has access to, including those on a corporate server. The user is then told to pay a ransom in the form of BitCoin to receive a key to unlock the files.
This particular ransomware attack exploits a vulnerability in Microsoft Operating Systems. Microsoft released a patch for this vulnerability in March for their supported operating systems; however, many organizations neglect to apply patches or are still using older, unsupported, versions of Microsoft OS such as Windows XP.
For those organizations that are not covered under our SafetyNet Managed Services (Ultimate) program, here are some simple steps your business can take to protect against ransomware attacks:
- Make sure you are using supported operating systems and applications
- Make sure you apply the latest patches as soon as they become available
- Make sure that all of your systems are protected by antivirus and anti-malware software, and ensure that the virus and malware signatures are updated automatically and consistently.
- Employ a “next generation” firewall with integrated threat detection
- Implement backup procedures that create more frequent “recovery points” to limit the amount of lost data if you need to recover your data from backups.
- Educate your end users to look for the tell-tale signs of a suspicious email
The last step is the most important. As this is an active attack, variants of the original virus are already circulating to thwart countermeasures already in place. It is imperative that your end user community be ever vigilant in inspecting what they are receiving in email and proceeding with caution.
In the next few weeks SymQuest will begin offering a comprehensive end user security training and testing platform that will allow our customers to build up their last line of defense, the “human firewall”. Look forward to more information on that in the coming weeks.
For more information on the WannaCry Ransomware Attack visit https://www.dhs.gov/news/2017/05/12/dhs-statement-ongoing-ransomware-attacks.
To stay up to date on the latest news about network security and vulnerabilities subscribe to Tech Talk today.