Many will have seen the recent global attack by the WannaCry Ransomware and the fact that it has now been stopped, semi-accidentally, by a UK security researcher alwareTech.
This ransomware spread for only a few days, but infected over 900,000 computers in 150 different countries, by using an exploit to the windows operating system, first discovered (and used) by the NSA, this exploit leaked and is now in the hands of anyone who wishes to use it.
The malware was stopped by registering a domain name that was used to contact a server by the software before it started it’s infection. Once the domain name was under the control of the security researcher, it was prevented from responding.
That’s the good news…. The bad news is, there are already different versions being circulated, using different servers, which are also being caught, but not without casualties, a further 10,000 machines have been infected with the new version. There is also a version that does not contain a kill-switch at all, luckily it was corrupted, so could not encrypt any files, but it’s only a matter of time.
So for protection here’s a list of things you should do.
Backup your data
Ideally have some kind of network attached storage device (NAS) your files can be stored here, and backups or snapshots which are not directly accessible to the PC can be automatically performed on daily or even hourly basis. USB drives should not be left connected to your computer after a backup, and you are exposed to risk while they are connected.
Use good antivirus software
Good antivirus software is critical, anyone that states that Windows Defender is good enough is a moron and should not be trusted for IT Security advice. Antivirus signatures and updates should be checked for at least hourly. BitDefender has recently reissued the following advisory regarding ransomware. For information on securing your company contact us for Antivirus and Network Attached Storage.
Install Operating System Updates
It’s a pain, but these updates can really make the difference between being infected or not
Don’t simply open unknown email attachments even from people you know
These types of malware mostly spread through email and can be disguised even as PDF files so be wary of any files that come from unknown sources, this of course can be difficult.
Painful though it may be, don’t pay these people, paying simply encourages them to do the same thing again and again.
Although there is no such thing as 100% protection, We at Access Devices Asia have products and services designed to help with your IT security, and prevent data loss, contact us for help.