Last month the UK awoke to find over 200,000 organisations worldwide affected by the WannaCry ransomware attack, including many NHS Trusts across the UK. The ransomware virus took advantage of a flaw in Microsoft's software which was used by hackers to lock away files across organisational networks.
Ransomware is a rapidly growing trend among hackers who demand payment from organisations to retrieve the locked files, subsequently causing critical systems to be down until a payment is made.
With the rise in ransomware being used against many organisations, we've put together six key things you should be looking out for in the shadow of the recent WannaCry ransomware attacks:
- Unusual or Unexpected Attachments - As is often the case, this particular ransomware is spread via emails containing an attachment that is usually an infected Microsoft Word or PDF file disguised as a job offer, invoice, package delivery, tax return or other similar document. Keep vigilant of emails such as these, even if they appear to be sent by a colleague. If you do see anything unusual do not forward or open the email but notify your IT team as soon as possible
- Bad Links - If an email or website contains malicious adverts or suspicious links, clicking on these links could cause the ransomware virus to download to your device. Be cautious when visiting sites and clicking on suspicious links. If you become aware of any suspicious activity on your device, notify your IT team immediately.
- Downloading a Bad Program or App - Similar to clicking on suspicious links, downloading a suspicious program or app could give the ransomware virus the loophole it needs to gain access to your device. If you are specifically being encouraged to download the program or app, notify your IT team immediately.
- Unexpected Behavior on Your Device - If you suspect you may have opened a suspicious email attachment or clicked on a bad link, keep a look out for any unexpected behavior on your device such as unknown error messages, a significant change in speed or anything else that causes you to be suspicious. Report this behavior immediately to your IT team and be prepared to shut down your device.
- Don't Pay Out - If you have been a victim of a ransomware attack, paying the ransom is no guarantee that all your files will be returned to you safely and will most likely result in encouraging hackers to continue. The best course of action is to restore your files from a back-up and if this isn't possible there are tools available to help your organisation decrypt files and recover some information. Microsoft has recently developed a patch that can thwart an attack, you can find this available here.
- Think Long-Term - To guard against future vulnerabilities ensure that you stay on top of all patch releases and apply them quickly. It is also a good idea to start to plan to replace older Windows systems with the latest versions. Download our Windows 10 Readiness Assessment Guide if you are not sure of where to start.
If you have any concerns regarding your organisations security or you would simply like a conversation on best practices to ensure your organisation remains secure, please get in touch with us.
Share with a colleague: