Security experts are citing this weekend’s cyberattack as one of the worst and most widespread pieces of malware they’ve ever seen. According to CNN Tech, “WannaCry” is attacking at an unprecedented rate and has already affected 200 000 victims across 150 countries, including South Africa.
Hospitals in the UK are among the worst affected and have had to turn away patients and divert ambulances because they couldn’t access patients’ files. The ransomware is thought to have originated from within the British healthcare system, but also targeted other key institutions such as banks, hospitals, telecoms companies and government agencies. The cybercriminals are demanding a ransom of between $200 to $600 in bitcoin.
How did they do it?
The malware took advantage of a weakness in Windows
Ransomware is a malicious software that blocks users from their computer systems until a ransom is paid, usually in the form of bitcoin. Ransomware spreads through attachments sent via unsolicited emails. In the case of “WannaCry” the ransomware is spreading through a weakness in Microsoft’s Windows software. Microsoft has released a patch and is sifting through the Internet in search of vulnerable computers.
Rob Wainwright, executive director of Europol, says, “We’ve never seen anything on this scale.” A major concern, he says, lies in the fact that this ransomware combines with a worm functionality, which means, “the infection of one computer, triggers rather remotely the infection of an entire network.”
How do you protect yourself against ‘WannaCry’?
If you haven’t already installed the Microsoft patch, do so now and make sure your system updates automatically. Some companies are reluctant to run Windows’ updates because it slows their computers or adversely affects their legacy software.
Given the ease of this global cyberattack, believed to have been carried out by amateurs, it’s important for your business to not only update Windows regularly but also your equipment and software.
Warn your staff not to open emails they don’t trust. Keep a close eye on your IT security to identify malicious intent. Most importantly, create secure backups of all your business-critical information. If you are held to ransom, don’t give into cybercriminals’ demands – you have no way of knowing whether they will return your information or simply try and elicit more money from you.
If you’re unsure about your security landscape, contact us for an evaluation or try our risk assessment here.