WannaCry Ransomware Threat

No doubt you are aware of the recent news regarding the Large Scale WannaCry ransomware Cyber Attack that affected the NHS computer systems in the UK.  So far hundreds of thousands of Windows computers in over 100 countries have been affected, as well as the NHS it has also affected other companies such as Telefonica and Fedex.

The Wannacry infections first gains access to your computer system via an email attachment and using a Microsoft Windows vulnerability (MS17-010) it can then spread rapidly through your network by installing itself on un-patched computers. The ransomware will then encrypt your computer’s hard disk and also encrypt any files on your network server folders as well and display the following message:

The Microsoft Windows vulnerability is on all versions of the Windows operating System from Windows XP up to Windows 10 and all Window Server operating systems.

Recommended Steps:

  • As the initial infection come from a Phishing type email with an attachment which can be an infected Microsoft Word document disguised as a job offer, an invoice or another relevant document. Please do not open any suspicious emails and just delete it. If you are not sure please give us a call on 01723 587250 or you can validate it by calling the sender if possible. Also please do not reply to the email.
  • If you do receive a suspicious email that contains any links to a website please do not click on the link and delete the email.
  • The risk can also come from visiting websites so only visit website’s that are business related and trusted, even then proceed with caution.
  • Run Microsoft Windows Update on all your computers and servers.

Prevention Steps:

  • BACKUP – Have working automatic offsite backups
  • SECURITY # 1 Make sure your Anti-Virus is working and virus signatures fully up to date
  • SECURITY # 2 Just Anti-Virus is now no longer considered good enough to be protected against Ransomware so add an extra layer of protection by installing a dedicated Ransomware protector such a Heimdal Security Professional which we have been recommending through email and our Newsletter.
  • SECURITY #3 Add an extra layer of email malware / phishing protection such as targeted threat protection.

The early reports are that this is the first of many of this type of attack and that new variants are expected.

All companies must now treat ransomware prevention as an insurance policy, it is that important!

Please call us on 01723 587240 if you want any more information or guidance on implementing the recommended prevention steps.