The ransomware that hit trusts in England and Scotland, known as Wanna Decryptor or WannaCry, has infected 200,000 machines in 150 countries since Friday.
Essentially a virus that attackers plant on your server and that locks you out of your system until you pay a ransom to regain access, ransomware can be difficult to detect and often arrives looking like a normal email, an internet download or a PDF. As the NHS continues to recover from the chaos wrought by the attacks, we have compiled ten key steps that should help to protect your business against cyber-attacks and data loss.
1) Be on your guard against suspicious emails
Even with everyday correspondence, you should be on the lookout for unfamiliar language and content that doesn’t seem quite right. Poor grammar and a strange tone can also be clues that something isn’t as it should be. Look closely at the sender’s domain, too, and check that it matches the one you’re expecting. Hackers often make tiny changes to familiar email domains and, when you’re busy and have a lot of emails to deal with, it’s easy to miss these small tell-tale signs and click on a link or attachment. It’s important to stay alert.
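One way to automate the sender-domain check described above, as an added illustration that is not part of the original article: a small Python script that flags sender domains which are one small edit (or one confusable-character swap) away from a domain you expect, or that bury a trusted name inside an unrelated domain. The trusted domain list, the confusable swaps and the sample headers are all constructed for this example.

```python
import email.utils

# Domains this organisation expects to correspond with (constructed sample list).
TRUSTED_DOMAINS = {"example.com", "supplier-example.co.uk"}

# Character swaps that make a domain read like the real one at a glance.
CONFUSABLES = {"0": "o", "1": "l", "rn": "m", "vv": "w", "cl": "d"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings; 1 means 'one tiny change away'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(domain: str) -> str:
    """Lower-case the domain and undo the common look-alike substitutions."""
    d = domain.lower()
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d


def sender_domain(from_header: str) -> str:
    """Extract the domain part of a From: header value (empty if malformed)."""
    _, addr = email.utils.parseaddr(from_header)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def classify(domain: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a sender domain."""
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        # Trusted name hidden inside a longer domain, e.g. example.com.secure-login.net
        if trusted in domain:
            return "lookalike"
        if levenshtein(normalise(domain), normalise(trusted)) <= 1:
            return "lookalike"
    return "unknown"


def classify_from(from_header: str) -> str:
    return classify(sender_domain(from_header))
```

Anything classified as "lookalike" deserves a second look before any link or attachment is opened; "unknown" simply means the domain is not on the expected list.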
2) Do not open suspicious attachments
So-called ‘phishing’ is the most common form of attack: it targets individuals with an email that carries an Excel file attachment and asks for a payment. Once the attachment is opened, there’s no going back. The malware will be installed on your computer, potentially giving the cybercriminal full access and enabling them to extract and send themselves valuable data such as bank details, passwords and account information.
A good rule of thumb is to never open an attachment if you are even remotely unsure, and to check with your IT department or provider if you have any doubts about the authenticity of an email.
3) Keep your anti-virus software up to date
Having the right anti-virus and anti-malware software in place is crucial. Your IT manager or IT company should regularly and proactively review your anti-virus provision to make sure it continues to give you the protection you need. Make sure that you update it when they tell you to, and you’ll be well protected.
4) Update your computer’s operating system software
Although it can feel time-consuming and inconvenient to let your computer perform its required updates, it is much better to take the time to do so than to run the risk of infecting your own and possibly everyone else’s machines. Most computers will update automatically when you come to turn them off, but you can check at any time to ensure your machine is up to date.
5) Ensure a daily backup is in place and operational
By backing up your data you are ensuring that, if you were to fall victim to a cyber-attack, you will be able to get your business up and running again with minimal disruption. Without effective backups in place, a disaster could spell the end for your business.
6) Use minimal user permissions where possible
Failure to manage user permissions effectively could have disastrous consequences, as attackers often use unused or compromised user accounts to carry out their attacks. If allowed to, they will return and reuse the compromised account on numerous occasions, or sell the access to others. Whatever system privileges the original user of the compromised account had will be available to the attacker. Ultimately, attackers will seek to gain access to root or administrative accounts, which give them full access to all system information, services and resources.
7) Consider internal security policies and staff training
As new staff members join the business they will need to be trained in your policies and procedures, but longer serving employees will also need to make sure they don’t let what they’ve learned fall by the wayside. By offering regular webinars, online training and refresher courses as part of your wider IT security strategy, you will be making sure that everyone in the business has the knowledge they need to safeguard your company from cyber-attack.
8) Scan all removable devices before use
Aim to scan all removable devices before allowing them to be used on machines with access to corporate systems. Designate a computer that is set up to check safely for malware. Keep that system segregated from network resources so that it cannot transmit any malware found on tested media across the network, and run malware scans on the device while it is connected to the segregated system.
9) Plan and test disaster recovery plans
Getting backups right is crucial, and it remains a very real challenge for businesses. You may think you’ve got it right when in fact it isn’t working as you thought it would, or at all. Testing your disaster recovery plan (DRP) regularly will help you understand the time it will take to restore systems to a usable state and how much data is likely to be lost because of your backup schedules. You can then adjust those schedules accordingly.
10) If in doubt – check with your IT company or IT manager
The process of developing and instilling cyber-security is not a one-off deal, but rather an ongoing and constantly evolving process. You shouldn’t feel embarrassed or nervous to admit to any gaps in your knowledge, and a quick check with those in the know could make all the difference.