The global cyberattack, “WannaCry” that started to escalate a little over two days ago was first identified via the British healthcare system. Quickly expanding into many European and Eastern countries, the US and even South Africa. Industries in as many as 150 countries have reportedly been affected. The motive for the attack is still unclear as only some institutions were asked to pay a ransom of between $200 to $600.
Several key institutions such as banks, hospitals, telecommunications companies and government agencies have been exploited by leveraging a Windows SMB vulnerability (MS17-010). Large businesses such as FedEx, telecommunications company Telefonica, the British health service and German railway (or the Deutsche Bahn rail network) have been affected. Regardless of the entry point hackers or cybercriminals exploit vulnerabilities in operating systems, software, plug-ins, applications or any entry point they can access.
The complexity of WannaCry is currently being investigated by US intelligence agencies and several cybercrime institutions. Once the full impact is understood we will issue a synopsis of the attack.
Rob Wainwright, executive director of Europol, says, “We’ve never seen anything on this scale.” A major concern, he says, lies in the fact that this ransomware combines with a worm functionality, which means, “the infection of one computer, triggers rather remotely the infection of an entire network.”
How to guard your company against ransomware
At Internet Solutions, we inform clients directly of any security concerns, but it’s important for all parties to be vigilant.
- If you have been compromised by a ransomware attack, don’t pay the ransom, contact your security provider and follow their instructions.
- Install new patches and computer updates immediately and regularly.
- As usual, avoid incoming emails from unknown individuals. Train your end users, and retrain them to educate them on the dangers of opening suspicious emails.
- Ensure that your webfilter is scanning for malicious code and blocking executable file downloads.
- Evaluate your security – from your ability to detect an attack, your line of defence and backups of your data.
We encourage you to evaluate your security to ensure that you have the best possible defence in place. The evidence is that this ransomware attack could lead to future attacks on a similar, or even larger, scale. Protect your business, data and staff. If you’re unsure about your security landscape, contact us for an evaluation or try our risk assessment tool here.