Imagine going into work next Monday, and booting up your Windows computer, only to find this message:
Many of your documents, photos, videos, databases and other files are
no longer accessible because they have been encrypted…if you want
to decrypt all your files, you need to pay. You have three days
to submit the payment. After that the price will be
doubled. If you don’t pay in seven days you will lose
your files forever.
That’s what happened to hundreds of thousands of computers this week. On Friday, May 12, a global ransomware cyber attack hit, affecting computers in 104 countries. The effects included:
- In the United States, FedEx was reportedly affected.
- In Spain, telecom and gas companies were hit.
- In the UK, at least 16 hospitals had to divert patients from their ERs as multiple computer systems locked up.
- In France, carmaker Renault reported factory shutdowns as the virus halted production.
- Russia’s interior ministry said 1,000 government computers were disrupted.
It was one of the biggest cyber attacks to date. The malware, or computer virus, has been called WannaCrypt, WanaDecrypt, and WannaCry. The virus spread via a file sharing vulnerability in Windows. Microsoft issued a patch to plug this security breach back in March, but older machines didn’t support the security patch.
On Monday, BBC News reported that approximately $70,000 had been paid to the cyber terrorists.
Ransomware is the latest malware that locks your precious files and requires you to pay to retrieve them. It installs an extortion message on your screen, usually with a ticking clock, telling you to pay the ransom or your files go kaput. Ransomware causes the following troublesome effects:
- You will not be able to run any programs on your computer, except the one that allows you to cough up the cash.
- Encrypts your data so you can’t open it.
- Stops you from browsing the Internet.
- Halts any non-essential programs that were running when the infection occurred.
Usually, you pick up this virus through file sharing or clicking on a link that you shouldn't have. Oops.
Kaspersky Lab says ransomware isn’t just a virus – it’s an epidemic of global proportions. The Ponemon Institute reported that by the fourth quarter, 2016, there were more than 4,000 ransomware attacks every day. In 2015 the figure was 1,000 attacks per day.
In 2016, cyber bullies started targeting American hospitals to reach sensitive patient data. Some hospitals have paid the ransom.
Krebs on Security points out that these types of viruses are designed to instill fear so that you feel compelled to pay the ransom. However, experts say, "Don't do it."
Despite this, ZDNet reports the majority of companies pay, but with mixed results. Cyber criminals are, after all, criminals, so there is no guarantee that paying the ransom will decrypt your files.
How to Protect Your Business After WannaCry
It’s well past time for businesses, whether small or enterprise-level, to begin having a consistent dialogue about the risk of cyber terrorism. Business leadership should take an active interest in what should be an evolving, proactive plan for network security. Company executives and information technologists must now join together in dialogue around how the technology we’re so dependent upon is heightening our vulnerabilities for cyberattacks.
Here are four key security initiatives to undertake in preparation for the next round of malware that is surely coming soon:
1. Get Patched Up
Microsoft has now offered a patch for anyone running Windows XP, Windows 8, and Windows Server 2003. Click here to see the alert and download the patch.
If you're still running an old operating system, it may be time for an upgrade. Many businesses are still operating on legacy platforms. If you’re still running XP, it might be time for an upgrade. Investing in firewalls, malware protection, and encryption, are part of creating a fully secure network. But it also means planning for redundancy, backups, and crisis recovery.
3. Train Staff on Safe Computing
Most of these viruses are launched because an unsuspecting person in the organization is tricked into opening a file or clicking a link. Security education is a vital part of keeping your network safe.
4. Let the Pros Handle It
An IT managed service provider can proactively monitor the security of your network 24/7. The threats are constantly evolving, so having an external security expert can help your organization stay proactive in the fight against cybercrime.
How Can I Protect Myself?
According to the FBI, the latest round of ransomware attacks have been geared more toward business than individuals. This doesn’t mean you should breathe a sigh of relief. One click of the wrong link and you could find yourself a victim of ransomware.
A Carbonite study showed, while the majority of companies that fell victim to ransomware paid up, the ones that didn’t have full backups of all their files. These backups should not be connected to the computer you’re backing up.
Look at the link
The best protection from any malware is to never click on a link or download a file from an email user you do not know. Hackers have gotten very savvy. You may get an email that seems to be from your credit card company. But always scrutinize the email link to determine if it's legitimate. Better yet, call the company to see if the email is real.
Be Careful With Downloads
Do you really want to download that free software? Are you sure it’s from a site you can trust? Make sure you are carefully considering the source before downloading any files from the Internet. The risks are real.
Preparing for the Next WannaCry
Ransomware attacks impact businesses and individuals. Service disruption, and data and financial loss can all result from these attacks. Moving forward from WannaCry means taking security seriously – before the next cyber attack is launched.
CWPS offers a four-part Defense-in-Depth Strategy for proactively preventing cyber security breaches. Contact us today for a confidential assessment.