Ransomware continues to make headlines – as it did this past Friday, May 12, 2017, with the WannaCry ransomware strain. So far, this attack has impacted more than 200,000 computers across about 150 countries according to Europol, taking the title of the largest attack in history. Centrality has 4 primary recommendations to keep you and your user community from falling victim.
Upgrade Any Outdated OS
It is a general best practice to retire any equipment still running legacy, end-of-life/end-of-support (EOL/EOS) software. Microsoft does not continue to support or release patches for legacy software, which increases the risk of malware infection. Europol also stated that this seemed to be the case with the UK’s National Health Service (NHS), as they were running much of their infrastructure on Windows XP.
For many organizations, especially in the SMB space, funding can be limited and priority may not always be placed on technology or security. However, it is now proving necessary to stay up to date with technology in order to avoid unwanted infections. If it is not in the budget to replace all legacy machines, start with those that are most important. Having a refresh plan will allow your organization to phase out old software and hardware without breaking the bank with the large capital investment of upgrading everything at the same time.
Be sure to read our blog for additional risks of keeping EOL/EOS software in production.
Keep up with Patch Releases
In a statement Friday, Microsoft said it had taken further steps to protect systems against the malware. “The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States,” states Brad Smith, President and Chief Legal Officer at Microsoft. “[…] March 14, Microsoft had released a security update to patch this vulnerability and protect our customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. As a result, hospitals, businesses, governments, and computers at homes were affected.”
Patching PCs and servers is crucial to ensuring that the latest security updates are applied to your equipment. In Centrality’s Managed Services model, Proactive Workstation and Proactive Server both include the management and maintenance involved in third-party and Microsoft updates. Customers who do not have Managed Services or who have not patched their PCs and servers since March are vulnerable. Consider a program like Managed Services to take the worry out of whether your PCs and servers are being patched.
Educate your Users!
According to the Washington Post, cybersecurity experts said the malware arrived through “phishing” email attacks, where recipients were tricked into opening phony links or spam emails. Once one computer in a system was infected, the malware spread to other machines on the same network.
In many instances, the root of the attack lies in the hands of one user clicking an infected email or attachment. User education and security awareness training can decrease the risk of human error. Centrality’s Security Awareness training includes simulated phishing attacks for continuous exposure, as well as specialized training classes. Inform your staff of the signs of a suspicious email. See real-time reports on who opens or clicks on the email in your simulated campaign. Track progress in the training modules, with visibility into who has completed their assigned courses.
Prevent a ransomware disaster from corrupting your business data with this great tool!
Solidify your Backup and DR Plan
Regulated backups and a disaster recovery (DR) plan are best business practices. Having reliable backup software, such as StorageCraft, Veritas, or Datto, is very important. In addition, make sure your backup drives are rotated and taken off-site consistently. In catastrophic situations – whether a natural disaster, hardware failure, or in this case data encryption through ransomware – a DR plan is crucial. Some organizations with multiple locations utilize a device in their own facilities as a geo-redundant DR solution. Others prefer off-site cloud backup.