The Best Defense Against Ransomware Attacks is Knowledge and Then Applying That Knowledge!
The best defense against ransomware attack is knowledge and then of course applying that knowledge. Knowing what you need to do in order to protect yourself is critical to the safety of your business. The recent "wannacry" ransomware attacks provided us with valuable information, which are basically opportunities, to learn or re-learn how to defend and secure our networks. As with most attacks, our attackers leave behind clues in their wake. The Cyber Ransomware Attack labeled “Wannacry” recently took a "second go" at attacking its’ victims.
If you weren’t already prepared for the latest attack, don’t feel too bad, millions of companies were just as vulnerable and at risk from harm as you were. It seems the lessons here were of global consequence. I'm not saying, "I told you so" because that would be cruel and it wouldn't do any of you any good. "We're a local South Florida MSP and I can confidently say that our clients had nothing to worry about when Wannacry made its' debut and then it's second visit", says David Bennett, President of Connections for Business. "Our job is to protect our clients and that includes having the foresight to predict these kinds of events."
The Wannacry malware virus exploded on the scene with speed and scale. The virus exploited a known security flaw in Microsoft XP operating software, spreading to more than 150 countries and almost a quarter million computers, locking the data of software users and asking for $300 in exchange for unlocking their data. In a nutshell, any victim who failed to meet the demands of their attacker (any company who didn’t pay the ransom), wound up sealing their fate, ultimately aiding in the death of their data. If it sounds harsh, it’s meant to!
In March 2017, upon realizing there was a security flaw, Microsoft developed a patch for the software, unfortunately not before more than $209 million had already been paid out in ransom. Sadly, even after making the ransom payment, slightly less than half of those companies were able to recover their data.
What did we learn from this? For starters we learned that millions of businesses were unprepared. This might sound a bit cliché but “there’s no time like the present!” Now is as good a time as any to reflect on the recent attacks and to create your companies cyber attack defense strategy.
"More than 12,500 machines running older versions of Microsoft Windows were targeted in the Ukraine, according to Microsoft, though the attack quickly spread to 64 countries." says the NY Times
I'm going to give you the weapons you will need in order to help protect your companies from ransomware attackers. In this case, your weapon, your best defense against cyber attack, is knowledge! What you choose to do with that knowledge is critical as it helps to keep what matters most to you safe.
I’ve prepared valuable tips that your organization can follow to avoid being victimized by these attackers;
- Nations around the globe are using outdated hardware and software and the security patches are not being updated, even after warnings have been issued. Verify that your IT department is using all up to date hardware and software, keeping up with all recent trends and patches.
- Features enabling automated updates should be used to ensure updates are being performed as soon as fixes become available. Verify that your IT department is securing automatic updates and fixes as they become available.
- When and if security patches are no longer available, the systems should be replaced. Verify that your IT department has replacement systems in place when security patches are no longer available.
- It was observed that governments & businesses using obsolete systems were targets of the WannaCry ransomware. Verify that your IT department isn’t using obsolete software, hardware systems. The damage you will incur and the data you will lose can cost you your business. Re-evaluate just how valuable expensing new systems will be for your business!
- Most cyber insecurities occur when individuals open files from people or addresses they don’t know or recognize. Pay special attention to files with the extensions like “.exe”, “.vbs” and “.scr”, there’s a good chance they are malicious.
- The Windows XP dilemma! If you’re currently using an older version of Windows, like XP, take advantage of the critical updates that the respectable corporation has issued. However, an even more beneficial arrangement would be switch to Windows 10. Microsoft did emphasize that no Windows 10 operating systems are counted as victims of WannaCry.
- Education about Cyber Security and Malware: Do your part to stay informed when it comes to security and malware and then do your part to share that information within your organization. If you are the IT department, it is still your responsibility to educate the employees in the office.
It's true, I can do a lot of things. I can lead a horse to water but even "I" can't make him drink! If you're unsure of how secure your companies network is, then do the smart thing and investigate. It's okay to trust that your employees are keeping your network safe and it's also okay that you verify all T's are crossed and all I's are dotted. Protect what matters to you most, your business! Knowledge is powerful and can often be the key to solving many problems. If you want to learn more about cybercrime and how to protect yourself, you can download our ebook, "Top 10 Ways To Protect Yourself Against Cybercrime."
Whether you have an entire IT department securing your infrastructure from within your organization or you outsource your IT services to a reputable MSP, if you have any doubts regarding your networks' safety, request a free Cyber Security Assessment. There is no fee and you are not obligated to purchase any of our services. Give yourself some peace of mind. Click here to request a free Cyber Security Assessment from Connections.com!