Sprout IT discusses ransomware and what you need to know
The virus that infected the NHS and other systems over the weekend is known as “WannaCry” Ransomware. It is believed that the source of the infection was via an email opened and resulted in spread throughout the network. Once a machine is infected it will encrypt all data on your machine and then display a notice that the only way to recover your data is to pay a sum of money. It will then seek to install itself across other machines connected to the network and spread as far as possible.
A patch for the vulnerability that this virus exploits was released in March for all currently supported windows operating systems. This is why you should regularly install patches and discontinue using unsupported operating systems such as Windows xp and Vista. SproutIT clients have Windows and Third Party patches pushed to their Windows devices automatically. You should reboot your device at least once per week (not just put the device into standby) as some patches require the Operating System to be rebooted to complete the install, and will prevent further patches being applied until this is done.
To help mitigate vulnerabilities such as ransomware for your business:
- Install any security patches that are available on your computers whether they be Mac or Windows based. Security patches are released to protected against these types of virus and should always be installed upon release.
- If you have received an unsolicited email with a file attached or asking you to click on a link treat them with caution. Where possible verify these by calling the Institution or forward the email to email@example.com.
- Ensure that you have a proper backup solution in place – which is validated frequently – should you ever need to recover your data. Tape backup solutions should be reconsidered due to the increased time to ‘recovery’ compared to modern and effective solutions available.
- Enable your human firewall! Ensure all users on the network are trained* on how to spot security threats.
- Speak to us if you have any concerns around your own network security – we provide consultancy and services to highlight and mitigate risks leading to vulnerabilities in your network
*SproutIT offers Sprout CyberAware: a learning program which helps to fill critical knowledge and skills gaps from social engineering to password safety.