Global Cyber Attack
Affecting organisations in over 150 countries, causing up to 4 billion dollars of financial damage, the Global Cyber Attack that took over 300,000 devices over the course of a single weekend – WannaCry caused great panic on May 12.
A devastating type of Trojan virus – the term Ransomware, was made famous in a blink of an eye after bringing down the Britain’s National Health Service (NHS) and many other organizations. Last year in 2016, a similar ransomware virus in 2016 causing 1.6 billion dollars worldwide in 2016 also hit organisations by holding hostage of important personal or sensitive business files and demands for an amount of money (an average of $300) within a short period of time to regain the access to encrypted files.
The attack is believed to aim at a mass audience rather than a targeted group of victims. However, ransomware – WannaCry have thought of all types of files to encrypt, they are inclusive of the most important and common filetypes – .zip, .avi, .doc, .docx, .mp3, .mp4, .png, .ppt, .xls, .wmv. etc. You can accidentally put yourself, or your company at risk by clicking unreliable links, or downloading files from phishing emails.
Are We Safe Now?
The good news is antivirus companies and cybersecurity professionals all over the world are working hard to find a way to decrypt the affected devices without paying any bitcoins to attackers. However, there has been no confirmation on a solution for WannaCry yet.
Nonetheless, there are still ways to keep you and your business safe. And one of them is to practice frequent or daily backups. Daily data backups are crucial to ensuring you always have a copy of data to fall back on in case of any attacks, that is unless you have the IT expertise of Marcus Hutchins, the 22-year-old security researcher who slowed down the spread of the virus by being a curious person. (Refer to his story of “How to Accidentally Stop a Global Cyber Attacks”)
However, if you are amongst those who has not been “wannacri-ed” yet and do not have a IT security expert working for you, we have developed a checklist for you to check against to protect you and your business against ransomware.
FIRST – Ask Yourself These Questions:
- Do I have a most updated version of Windows?
- Do I have an antivirus software and is it the latest version?
- Is this link trustworthy?
- Is this email from the right person that I think it is? (some phishing emails use the names or source you are familiar with – eg. your client’s name, Microsoft)
- Do I have 3 copies of data backup that is stored outside of the original device?
SECOND – Update Your Software
A few months before the historical May 12, Microsoft released a Windows patch that can protect windows devices from being affected by Ransomware. Thanks to #teamGates, a huge number of devices who had installed the latest security updates, stayed safe from the attack.
Don’t stop at Windows, please extend your prompt action to iOS and Linux devices because Ransomware is evolving every day and your IT environment should always stay a few steps ahead. Same goes to other softwares, such as Antivirus.
THIRD – Backup and Test Your Data Backup
The importance of doing and testing data backups to ensure they work well can never be stressed enough. Recently we released a post on this matter (Refer to link here) and we will continue to discuss in the near future as it is crucial that you understand the importance of the act of data backups.
While most individuals and organisations have a data backup solution running by now, that is not all. The next question to ask is, when was the last time you did a test on your data backup solution? In a survey conducted by Storage Magazine showed that even at least 66% of companies surveyed tests heir backups, 77% found their tape backups failed to restore. This shows that though your data backup might be successful, the data being backed up might not work when needed the most, hence, you should never take the risk of waiting to find out and test it on the spot after backup.
As discussed above, there are IT experts spending a lot of effort in controlling the damage of WannaCry and more importantly, preventing such reoccurrences of ransomware. Besides releasing Windows updates, Microsoft is currently also promoting an Office 365 add-on – Advanced Thread Protection (ATP), which helps to run files and links on a separate virtual machine before opening the access to your device.
If you or your company #WannaFight against this cyber-attack, please consider the three steps above, and reach out for support when required.
For more information about Backup Solutions please click here.
If you want to know more about Microsoft Updates and Office 365 Advanced Thread Protection mentioned above, please contact us here.