On Friday, May 12th, 2017 a ransomware attack going by the name of WannaCrypt, invaded and infected over 50,000 computers worldwide.
The attack impacted many large corporations all over the world, one being Britain’s NHS (National Health Service), shutting down services that provide free healthcare.
The software behind the attack requires a payment of $300 worth of bitcoins at the initial time of infection, increasing after 3 days to $600. Those infected have 7 days to make payment until ultimately, files are deleted or have the possibility of being leaked (BGR).
The attack was slowed substantially by Saturday, by a researcher that goes by ‘MalwareTech.’ He did this by purchasing a domain name, after analyzing the malware's code. He doesn’t believe that the domain name was intended as a kill switch for the virus, but simply being used as the hacker’s own defense, to see if the malware was being analyzed (TheGuardian).
While we have slowed one attack, there will undoubtedly be copycats, other ransomware used to attack companies of all sizes.
Ransomware is a very serious cybersecurity threat causing all kinds of problems for businesses including both financial and brand implicaitons.
So, what is ransomware and what can your business do to protect itself from an attack?
To help you better understand what your options are Michael McNamee, VP of Engineering at SecurEdge Networks, has outlined a 6 step, multipronged approach to improve your ability to protect your business from a ransomware attack.
What is ransomware?
Just like the name suggests, ransomware is a type of malware that holds your systems and your data hostage until a specific amount of money has been paid to the attacker.
This type of data security threat impacts every industry from financial institutions (banking and insurance) to healthcare, retail and education.
The most common delivery method for a ransomware attack comes from email links and attachments (59%) and only 45% of organizations are "somewhat confident" in their ability to stop a ransomware attack according to a 2016 Osterman research survey.
With the ransomware threat only increasing, what can you do to protect your business?
- Always have data backed up and protected somewhere off your network.
- Use a mail service or mail appliance that can scan and detect phishing emails. *Phishing emails, provide a clickable link that “baits” you into visiting a website. Either asking you for personal information upon your website visit, or encrypting your files after you have clicked the link.
- Train employees to spot phishing emails and to not open them. *78% of people claim to be aware of the risks of unknown links in emails- yet they click anyway (FAU.EDU)
- In the event of a ransomware event, a policy for handling should be in place and all employees know the procedures
- Employ a client AV/Malware/Email scanner that can prevent the ransomware from running
- Deploy a firewall that can scan emails in whole and quarantine if found to contain ransomware
Keeping your business and it's end-users out of harms way is the foundation of your entire wireless system and the first step when planning your network.