By now, you've no doubt heard of the WannaCry (or WannaCrypt) ransomware attack. Since last Friday (May 12), the virus has infected over 300,000 computers in 150 countries.
It was preventable.
Microsoft released a patch that would have protected against the virus in March. The virus was able to infect so many machines because many of them were older, legacy devices running outdated operating software no longer supported with software updates and patches.
We know that you need to squeeze everything you can from business investments. Holding onto computers and software programs too long can open gaping holes in your security – and allow criminals to hold those investments for ransom.
Can't Happen to Me
You listen to the news and think, I'm not FedEx, Renault, the UK's NHS, Nissan, Hitachi, or any of the large organizations hit by this recent attack. I'm good – won't happen to me. Hidden in the splashy headlines is this – the average ransom asked was $300 – that's targeting YOU.
I can also say that many of you ARE exposed. Part of our network security service is a network probe. This allows us to determine network-connected devices, software on machines, and more – including network security status (usually an insecurity status).
Here are four security holes we've found in four separate companies just in the past month:
1. Anti-virus running local to a computer (McAfee, Norton, etc) and not updated since March 2017 – and evidence of malware exploits
2. Running an unlicensed Microsoft O/S - patches not applied (non-Windows 10)
3. Windows XP or Server 2003 - all versions (support ended for XP in April 2014 and Server 2003 in July 2015)
4. Desktops running with local admin rights (will make the damage worse depending on network access)
All of these security holes were identified in the network probe we use.
Ransomware CAN Happen to You
Ransomware is a serious threat to everyone. The most recent WannaCry ransomware caused hospitals in the UK to resort to pencil and paper. While largely contained, criminals are creating the next attack as I type this. Ransomware is a $1 billion industry. Criminals will keep hacking business and personal information and holding it hostage until it's no longer lucrative.
If you don’t know what ransomware is, simply put it is a piece of malicious software that installs itself on your computer and then encrypts your data, making it inaccessible to you unless you pay for the decryption key. This scheme only gets worse. Even if you pay there is no guarantee you will get the key and/or be able to recover your data. This type of malware (malicious software) can affect a single workstation, a server, or an entire environment.
Follow These Tips to Stay Safe
No perimeter network security is foolproof and malware can make it through filters. Every business needs to follow these steps and share these tips with employees. These tips are equally relevant for personal computer use – want to prevent family photos on your hard drive from being held ransom? Pay attention to these tips!
- Immediately apply Microsoft patch as outlined in Microsoft Security Bulletin MS17-010. Go here to download.
- Don’t open attachments from unknown senders. Even be cautious about opening attachments from senders you do know. Malware can come in many different forms including common MS Office type docs and zip files
- Don’t click on suspicious links. As often they can contain malicious software
- Take the time to read things sent to you but don’t open spam messages. One of the easiest ways to get infected is through social engineering attacks where the attacker pretends to be someone you know, or a company you trust
- Ensure that your computer is left on during scheduled maintenance periods. Many attacks are made possible by security holes that maybe have already been patched
- If you aren't sure about installing a piece of software, ask your help desk to help you verify that it’s safe
These are just a few things you can do to help protect yourself.
If you have any questions about this please feel free to ask – firstname.lastname@example.org.