Statement regarding the latest Global ransomware attack
29th June 2017
You can’t have failed to about yet another global ransomware attack that has hit countless businesses, small and large, across the globe. This comes just a few weeks after the Wannacry attack which affected the NHS and numerous other businesses in a similar manner.
We understand that you’ll be concerned about your own IT security, and rightly so, so we wanted to write this blog this morning to give you some important information.
Firstly, the scary bit. It’s really important that you realise you are not immune from cyber-attacks. Our experience over the last 18 months has been that there has been an alarming increase in the spread and severity of cybercrime, and attacks are not targeted solely on high profile organisations. Small Businesses, Schools and Charities are all just as vulnerable. Equally, users of Apple devices and cloud based systems are not immune from these threats – don’t be lulled into a false sense of security – this is a real business risk that should be high on your risk management agenda.
Secondly, some reassurance. You can take relatively straightforward steps to protect yourselves. The steps needed to protect yourself from the majority of the attacks we’ve seen to date are quite simple:
- Turn off and stop using old PCs and Servers that are still using unsupported operating systems, such as Windows XP or Server 2003. These machines, no matter how small their role on your network, represent a significant threat and you need to turn them off and replace them. It is too early to comment on yesterday’s attack but it’s certainly clear that Wannacry was largely spread via these older devices that are no longer patched to fix vulnerabilities.
- Deploy patches and updates on servers and workstations. A number of the recent attacks have exploited well known weaknesses which could have been avoided if adequate time had been provisioned for good network administration. It’s the boring but important work that network admin’s need to be allowed to get on with, that ensures that security is maintained.
- Make sure you’re using reputable anti-virus software. This is not something to skimp on! Home use and cheap and cheerful antivirus solutions are not acceptable in a commercial environment. You wouldn’t fit the cheapest lock to secure your premises, so don’t skimp on the tool that will be one of your greatest forms of defence.
- Review your back up procedure and test that you can restore from it. If you are unlucky enough to be affected by an encryption virus, your only chance of recovery without paying the ransom, is to restore potentially all of your files from back up. That is not the time to discover it’s not working quite as you hoped! Review your data selection and satisfy yourself that the whole system can be restored within an appropriate time scale, and make sure it’s tested regularly. If your back up is cloud based, remember that the restore may well be dependent on the speed of the internet download, make sure you’re happy with the potential time this could take.
- Enforce a strong password policy. We are surprised by the number of businesses that still consider strong passwords, that expire regularly, as being an inconvenience. You can enforce password policies via Active Directory, this should be configured to insist on complex passwords that expire periodically and can’t be re-used. You should also ensure that you have a robust leaver process in place to ensure that inactive accounts have passwords changed immediately, and that the account is disabled as soon as possible. Make sure those with access to administrator accounts do not use them for day-to-day work, as that can make a malware infection far more serious.
- Train your staff. Your IT security is only as strong as the knowledge of the people using your systems. The ‘Human Firewall’ is often the weakest part of your defence so it needs reinforcing! We recommend that cyber-security training should be a key part of staff induction and an annual training programme should be provided. There are online tools that can help you implement this relatively cheaply.
I hope this reassures you that you can do a lot to protect yourself. I appreciate this may well raise questions and our team will be happy to discuss any concerns you may have, please contact us on 01483 735540.