Learn from the NHS Cyber Attack
Ransomware: Five actions to take TODAY to protect your business
A global ransomware attack has infected more than 200,000 computers in 150 countries since Friday. The scale of the attack – which has hit organisations including the NHS – has been described as “unprecedented” by Europol.
It’s known as Wanna Decryptor or WannaCry and is a variant of the CryptoLocker virus which has been around for years.
It locks users out of their devices, encrypts their data and demands a ransom for the decryption key.
Once the virus has encrypted your data it isn’t possible to decrypt it without the decryption key.
If your computer gets infected you have three options: 1) Pay up in the hope that the decryption key will be issued (there is some doubt about this and the general advice is not to pay up.) 2) Recover data from backup. 3) Lose your data.
The virus is infecting machines running Windows operating systems and one of the ways it’s spreading is via email. It will infect the PC the email was sent to and then try to infect all the other PCs in that organisation.
Experts are warning that there could be further ransomware cases this week.
There are five main things you can do to protect your business:
1. Make sure your computer has the latest Microsoft patches.
Here’s how to check:
To see if the patch is already installed go in to the Search box and type Windows Update – click on Windows Update and click on Show Update History.
If you have ANY of the below you are fine:
- 2017-05 Security Monthly Quality Rollup for Windows 7 (KB4019264)
- April, 2017 Preview of Monthly Quality Rollup for Windows 7 (KB4015552)
- April, 2017 Security Monthly Quality Rollup for Windows 7 (KB4015549)
- March, 2017 Security Monthly Quality Rollup for Windows 7 (KB4012215)
- March, 2017 Security Only Quality Update for Windows 7 (KB4012212)
To see if the patch is already installed click Start > Control Panel > System and Security.
Click on the View installed updates link under Windows Update and if you have ANY of the below you are fine:
- 2017-05 Security Monthly Quality Rollup for Windows 8.1 (KB4019215)
- April, 2017 Preview of Monthly Quality Rollup for Windows 8.1 (KB4015553)
- April, 2017 Security Monthly Quality Rollup for Windows 8.1 (KB4015550)
- March, 2017 Security Monthly Quality Rollup for Windows 8.1 (KB4012216)
- March, 2017 Security Only Quality Update for Windows 7 (KB4012213)
To see if the patch is already installed click Start > and then type WinVer in the search box.
It will tell you your version and build. If you have ANY of the versions below you are fine:
- Version 1703
- Version 1607 – if your build is 14393.953 or later.
- Version 1511 – if your build is 10586.839 or later.
Microsoft has also released patches for Windows XP, Win 8, and Server 2003 and more details can be found at their website.
2. Make sure you use firewalls and have up to date anti-virus software installed.
3. Make sure all your data is safely backed up so it can be recovered in the event of an attack
4. Be extra vigilant when it comes to email.
This cyber-attack was delivered by emails containing infected attachments. Be sceptical and do not open anything you are unsure of.
5. Be prepared.
Make sure you have a robust strategy in place for how your business would deal with a cyber-attack.
Here’s where Ponticello IT Solutions can help you protect your business:
- Our Managed Anti-Virus is recognised for its industry leading detection rates. It combines advanced anti-virus and anti-spyware technologies to provide complete security – without slowing down your PCs.
- As well as robust anti-virus, an up to date back up of all your business-critical data is also essential.
Ponticello’s Managed Online Back Up is powerful, reliable and secure. We offer complete cover for business critical data with copies stored securely in UK based datacentres. We have restored several clients after a CryptoLocker infection.
- We also offer Patch Management to update thousands of software. Patched PCs are far less vulnerable and specific patches for this variant of CryptoLocker have been released – even for Windows XP.
- Many viruses also use a macro to download virus content from the internet. Web Protection from Ponticello blocks access to ‘blacklisted sites’. Blocklists are maintained by Spam Haus and others.
At Ponticello IT Solutions we are fastidious about security and data backup and we are proud to boast that in 20 years no client of ours has ever lost data because of a virus, a failed backup or a data breach.