When the NHS in the UK was attacked by WannaCry the world again was reminded about the importance of digital security and protecting your network – no matter the industry. Most recently, Australia felt the pressure of ransomware when Victoria’s speed and red-light cameras were affected and the Cadbury chocolate factory in Tasmania was shut down due to an attack. Ransomware is becoming the new ‘norm’ with fresh attacks launched every day.
This increasing propensity isn’t helped when attacks are further exacerbated through human error. Despite the growing awareness many organisations are still naive about ransomware and unprepared for its impact. Effectively managing and protecting the network against attacks doesn’t have to be difficult. In fact, there are a few critical, but simple preventative steps that organisations can take to stave off such attacks.
Looking to the basics and preventive measures
Ransomware, in one form or other, is nothing new, dating back to the healthcare industry in 1989. Known as the AIDS Trojan, the malware was spread via floppy disks that were sent to AIDS research organisations and encrypted files after a certain number of system reboots. Meanwhile, targets range from computers to smart TVs and the list keeps getting longer.
Given ransomware is now a billion-dollar industry and growing rapidly, it is little wonder that questionable characters increasingly want a piece of the action. 2016 saw a massive surge in ransomware attacks, not only in the numbers, but also in their variety. This trend has continued into 2017 with numerous large-scale attacks including WannaCry; one of the largest attacks yet, which affected around 200,000 computers in 150 countries. This attack proves that ransomware continues to take on ever more disturbing and expensive dimensions.
I have been attacked! What now?
When you realise that you are a victim of ransomware, such as WannaCry, it may already be too late. However, if you act quickly you can prevent the infection from spreading across your network. By identifying infected machines and removing them from the network immediately ensures critical systems remain intact, and gives you time to start the lengthy restore process.
To pay or not to pay?
If you don't have backups or require files immediately, you're probably asking yourself this question. While, you want your files back, you don't want to encourage criminals. So, should you pay the ransom? The answer to this question heavily depends on your system, how important it is, and how much damage can be done if you choose not to. A hospital, for example, might simply pay the ransom because it’s quicker than restoring its systems and won’t interrupt patient care.
One thing is certain: paying the ransom is no guarantee that you will get your files back. Research has shown that 20% of victims don’t get their files back after paying the ransom. The attackers might even ask for more money once paid. Or you may not get everything back; often attackers have to manually decrypt every file on every infected system and they either don't have the manpower or the time.
How to protect yourself against ransomware
The key word here is prevention. By taking the following four precautionary measures, your risk of becoming the next ransomware victim will reduce significantly.
1. Backup backups
You need to ensure that for all computers, mobiles and other connected devices you create several backups of important data and store them in different locations. Regularly test and monitor your backups so that if you do end up needing them, you can rest assured that they will actually work.
2. Stop clicking
The best way to prevent attacks is education. IT workers are usually not heavily affected by these types of attacks, as they are able to identify suspicious mails and websites before clicking on links. Educating employees in the company about ransomware threats will help reduce susceptibility to attacks. Spam filters, antivirus software, and firewalls help to keep your network safe but they won't prevent a user from circumventing your security.
3. Disable macros
Infections still occur via macros although newer software programs disable them by default. Make sure you keep the default settings and only download macros from verifiable and trustworthy sources. Even then, be cautious.
4. Update frequently and quickly
To stay ahead of attacks, you should update your operating systems, apps, and other software frequently; as updates often include security-relevant fixes. Simplify the process by setting up notifications to let you know when updates are available or by setting up automatic downloads.
Prevention is key. If we look back to WannaCry, many victims were using out-of-date software, such as Windows XP, Server 2003, Windows 7 and Server 2008. These attacks could have been avoided if operating systems had been updated. Like never before, a proactive approach to cybersecurity is vital to organisational success. It’s time to fight back and take a stand against cyber-bullies; by backing-up information and educating employees about potential threats. Don’t get caught out, be prepared if things don’t go to plan.