“WannaCry” Ransomware 101

May 12, 2017 saw the largest global cyber attack in Internet history. The “WannaCry” ransomware attack wreaked havoc on over 300,000 computer systems around the world in over 150 countries. Typically, ransomware spreads via email as spam or phishing attacks and relies on human intervention to infect more computers. WannaCry is different because it combines ransomware with a recently stolen vulnerability that allows it to infect and spread to thousands of unpatched computers via the internet.

As a small or medium sized business owner, you may think you have nothing to worry about because most media coverage has been highlighting large companies such as FedEx, Telefonica and the NHS in Britain. However, this type of threat does not discriminate based on company size so any organization with an internet connection is at risk.

The consequences for an infected business can be devastating. This includes temporary or permanent loss of sensitive information, disruption to business operations, and/or potential costs to restore systems. Businesses should adapt a business continuity plan if they have not already. While this can’t prevent an attack altogether, it can ensure a fast and complete business recovery.

What else can your business do to protect against and prevent such an attack?

One of the most important steps to take is to backup your data. As a general rule, you should always be backing up your data anyways with a strategy such as the 3-2-1 rule:

  1. Have at least 3 copies of your data
  2. Keep these backups on 2 different media
  3. Store 1 backup offsite

Not only will this protect against a ransomware attack, but you also just never know when your system will crash, a building will burn down, or an angry employee tries to intentionally destroy data to harm your business.

Beyond backing up data, businesses should:

  • Ensure all anti-virus, anti-malware and firewall solutions are updated and set to regularly conduct scans
  • Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users
  • Educate all employees on how to identify scams, malicious links, and any attempted social engineering ploys

WannaCry has slowed down drastically over the last couple days, but new versions have been detected and these types of attacks are constantly evolving.

If you have been hit with ransomware or have any questions or concerns on how to get protected, please do not hesitate to contact your IT advisors at Zarr Tech.

We are available by phone at 1-800-324-0372.

0 replies