Latest News

Statement regarding the latest Global ransomware attack

29th June 2017

You can’t have failed to about yet another global ransomware attack that has hit countless businesses, small and large, across the globe. This comes just a few weeks after the Wannacry attack which affected the NHS and numerous other businesses in a similar manner.

We understand that you’ll be concerned about your own IT security, and rightly so, so we wanted to write this blog this morning to give you some important information.

Firstly, the scary bit. It’s really important that you realise you are not immune from cyber-attacks. Our experience over the last 18 months has been that there has been an alarming increase in the spread and severity of cybercrime, and attacks are not targeted solely on high profile organisations. Small Businesses, Schools and Charities are all just as vulnerable. Equally, users of Apple devices and cloud based systems are not immune from these threats – don’t be lulled into a false sense of security – this is a real business risk that should be high on your risk management agenda.

Secondly, some reassurance. You can take relatively straightforward steps to protect yourselves. The steps needed to protect yourself from the majority of the attacks we’ve seen to date are quite simple:

Turn off and stop using old PCs and Servers that are still using unsupported operating systems, such as Windows XP or Server 2003. These machines, no matter how small their role on your network, represent a significant threat and you need to turn them off and replace them. It is too early to comment on yesterday’s attack but it’s certainly clear that Wannacry was largely spread via these older devices that are no longer patched to fix vulnerabilities.

Deploy patches and updates on servers and workstations. A number of the recent attacks have exploited well known weaknesses which could have been avoided if adequate time had been provisioned for good network administration. It’s the boring but important work that network admin’s need to be allowed to get on with, that ensures that security is maintained.

Make sure you’re using reputable anti-virus software. This is not something to skimp on! Home use and cheap and cheerful antivirus solutions are not acceptable in a commercial environment. You wouldn’t fit the cheapest lock to secure your premises, so don’t skimp on the tool that will be one of your greatest forms of defence.

Review your back up procedure and test that you can restore from it. If you are unlucky enough to be affected by an encryption virus, your only chance of recovery without paying the ransom, is to restore potentially all of your files from back up. That is not the time to discover it’s not working quite as you hoped! Review your data selection and satisfy yourself that the whole system can be restored within an appropriate time scale, and make sure it’s tested regularly. If your back up is cloud based, remember that the restore may well be dependent on the speed of the internet download, make sure you’re happy with the potential time this could take.

Enforce a strong password policy. We are surprised by the number of businesses that still consider strong passwords, that expire regularly, as being an inconvenience. You can enforce password policies via Active Directory, this should be configured to insist on complex passwords that expire periodically and can’t be re-used. You should also ensure that you have a robust leaver process in place to ensure that inactive accounts have passwords changed immediately, and that the account is disabled as soon as possible. Make sure those with access to administrator accounts do not use them for day-to-day work, as that can make a malware infection far more serious.

Train your staff. Your IT security is only as strong as the knowledge of the people using your systems. The ‘Human Firewall’ is often the weakest part of your defence so it needs reinforcing! We recommend that cyber-security training should be a key part of staff induction and an annual training programme should be provided. There are online tools that can help you implement this relatively cheaply.

I hope this reassures you that you can do a lot to protect yourself. I appreciate this may well raise questions and our team will be happy to discuss any concerns you may have, please contact us on 01483 735540.

Related News

Sorry, no related posts matched your criteria.

Surrey Chambers of Commerce host great events and networking opportunities for businesses of all sectors and sizes. The knowledge and support they provide is especially valuable to businesses who are growing. I enjoy working with team.

Amanda Shovelton NatWest

Surrey Chamber of Commerce is in the business of working with businesses, consistently delivering quality events and a great go to for advice

Harvey Ockrim Satteliet UK

If you are looking for an organisation with a membership of like-minded business owners sharing common interests with a willingness to support colleagues, then in Surrey Chambers you have found what you are looking for. With caveat that yes, you have to put the work in to attend the meetings, thoroughly recommended.

Ges Ray Presentation Excellence

Membership of the Surrey Chambers keeps our finger on the pulse of what matters to business and it grounds us in reality. The variety of businesses we get to meet and hear from through the Surrey Chambers events (previously face to face and now online) enriches our knowledge and broadens our perspectives and ensures we continue to shape our services and offerings to meet our client’s needs.

Jarmila Yu YUnique Marketing

ramsac have been proud members of Surrey Chambers for over 20 years. During that time we’ve received support in the form of training and business community links, we’ve expanded our local network and we’ve had opportunities to promote our SME IT services to the wider Chamber membership by supporting and sponsoring events and providing keynote speakers to talk about IT and employer issues.

Dan May ramsac

Louise and her team at Surrey Chambers have been and continue to be a fantastic resource for our business. They have been hugely helpful and remain a great asset to not only our business, but also the SME community in Surrey and beyond.

James Morris Trafalgar Marquees

I was recently at the Surrey Chambers Power Breakfast at Sandown Park Racecourse what a fantastic venue and breakfast. There was a good group of people, all with ‘can do’ attitudes as well as an engaging speaker. I obtained a number of new contacts and received further networking opportunities. I also felt that I had come from the breakfast having learnt something new which is a big bonus!

Andrew Dennis Coast to Capital

Our membership of Surrey Chamber of Commerce has been instrumental in the growth of our business. It's opened many doors and so much of our new business can be tied back to a SCC introduction. We recommend joining the chambers to all of our micro/SME clients looking for funding, networking and brand awareness.

Esther Guy Accounting4contractors Ltd

Surrey Business School is proud of its longstanding partnership with Surrey Chambers of Commerce. Our relationship with Chambers is at the heart of the connectivity we have with the local business community and enables us to forge the strongest of links to the benefit of businesses, our students and the research community.

Adrian Shanks Surrey Business School

I attended the Heathrow Summit conference and had the great good fortune of spending some time with Gary Hayes & Andy Willmott who were a real credit to the Chamber. If anyone is wondering whether being a Chamber member could help their business know this, they helped me with their knowledge of local contacts and we're in Cornwall! Thanks for your time fellas and keep up the good work!

Spencer Hassell ADi Access

Unit 14a, Monument Way East, Woking, GU21 5LY

t 01483 735540 f 01483 756754

Surrey Chambers of Commerce is a company registered in England and Wales with company number 3027072 & VAT registration number 644468124.

t 01483 735540

t 01483 735540

NEWS

Latest News

Statement regarding the latest Global ransomware attack

29th June 2017

Related News

Patrons

Executive Partners