The recent global cyber attack WannaCry has hit over 150 countries, encrypted the data of 200,000 computers and affected organisations such as the NHS, FedEx, Nissan and Renault. With the NHS forcing to divert or turn away patients due to the computer shutdown – this latest attack put lives in danger.
WannaCry exploits a vulnerability in Microsoft, who released a software patch to fix it in March, however many users fail to install updates and patches on their computers meaning vulnerabilities can remain open a lot longer and make it easier to exploit.
The attack was just another on a long list of recent cyber issues. Telecoms giant Talk Talk were handed a record £400,000 fine for their failure to prevent an attack that accessed over 150,000 customers’ data.
What is Ransomware?
There are two main types of ransomware – lock screen ransomware, where screens are locked to bar access, and encryption ransomware, where files are altered and opening prevented until an encryption key is applied. Either way, a ransom – usually payable in Bitcoins – is demanded, and which affected organisations must pay, or lose critical data.
As cyber criminals become ever more sophisticated, businesses can be infected by ransomware via a number of routes but typically email, through accessing malicious websites or due to flaws in installed software (and omitting to apply patches).
Top tips to protect your business
Cyber security threats touch all areas of any organisation – big or small. It is critical that staff are educated on the implications of cyber security as a business risk. Most businesses will have in place some of the measures IT professionals believe are essential for protecting businesses from cyber crime:
1. Install anti-virus, web filtering and firewalls
The best way to secure against a cyber attack is to prevent malware entering the business in the first place. Implementing anti-virus, web filtering and firewalls are a must – and ensuring they are always up-to-date.
2. Keep software updates patches applied
Malware can often enter via bugs in software and applications. Protection can be advanced through ensuring software updates are implemented and patches applied as soon as they’re released. WannaCry is believed to be exploiting a Windows issue for which Microsoft released a patch in March, but many organisations did not update their systems.
3. Backup your files and data
Whereas encryption ransomware will result in live data being affected, backup data will not have been maliciously encrypted. Once infected devices have been cleared backup data can be restored and your business can be swiftly back up and running!
4. Train your employees! It’s essential to keep reminding employees of these potential ransomware threats. (The malware of this attack was distributed by phishing emails)
Cyber crime originating through email is common, often sent as mass random communications. Therefore, it’s worth ensuring employees receive regular training to remind them of potential hazards. Emails incorporating malicious links still create issues for many businesses. Some tell-tale signs to look for include:
-You should only click on emails that you are sure came from a trusted source
-Emails claiming to be from well known, reputable organisations. These may have email ‘from’ addresses that differ very slightly from the official address – i.e. a 0 replacing O
-Emails may have been sent by one of your contacts, whose own accounts have been hacked. These can often be identified as they contain a short – often nonsensical message – and (malicious) link
-Social media networks or instant messaging may also contain links to malware
-Increasingly, malware is distributed via every-day type documents that invite users to enable macros. A robust policy regulating download privileges, defining rights per employee can extend protection across the business
5. Is it really the CEO emailing?
A common and growing form of cyber attack visited through email is that of spear-phishing, where an attacker poses as a company official to exploit a specific function – such as a ‘CEO’ requesting finance transfer funds. These types of email can also claim to come from official organisations – a bank, government department, or even the police, for example.
6. Formalise security policies
Define in writing formal protection policies and processes, and work with an IT partner to roll out these policies on every machine, to provide as much protection as possible for each individual user.
7. Password policy
It goes without saying that the more robust a password requirements policy, the harder it is for cybercriminals to infiltrate. But many businesses still employ an ineffective/weak set of regulations – if any. Insisting on unique ‘strong’ passwords for individual accounts will help reduce potential risk, as will implementing single-sign on solutions. With multi-factor authentication, access is gained only after successful submission of various pieces of requested information, such as a numeric code texted to a mobile device, as an additional layer on top of password control. Don’t leave a list of passwords lying around on a sheet of paper or in a file named ‘passwords’!
8. Turn off immediately if suspicious activity is detected
At an early stage of an attack disconnecting from the web could prevent the malware establishing itself, but doing so may also prevent ransomware spreading to other areas of the business.
Cyber Liability Insurance
As always prevention is better than cure, and the recent attack was a stark warning of the dangers that cyber-crime presents. The attack was a part of a global computer malware made personal details and finances vulnerable.
Horner Blakey are advising businesses to consider purchasing Cyber Liability insurance – to find out more about this cover or for a quotation please call 020 7929 0108.
