Since WannaCry emerged on Friday 12th May, the ransomware virus has reportedly affected more than 200,000 organisations in 150 countries. Whilst the people behind the attack managed to raise only an estimated £15,500 before a fix was found, it does raise major concerns regarding data security.
When ransomware attacks your computer, you will almost immediately get blocked from any access to your data and files, and you will receive a message threatening to keep everything blocked, and possibly deleted, until the ransom has been paid.
It’s important to have as many processes in place to protect your business, and your data, from attacks such as this.
Here are some of the things we have learnt from WannaCry…
Keep on top of your updates
WannaCry was successful by exploiting the security weaknesses of devices running on Windows XP, an operating system that hasn’t been supported since 2014. Out of date and unpatched operating systems leaves users vulnerable to such attacks as security updates are often not provided.
Antivirus software is one way to attempt to stop out of date operating systems being exploited by ransomware and other cyber security threats. However, this is another system to keep updated and relies on an updated or and supported version of operating system.
Customers who have embraced the cloud focus less on patching applications and updating operating systems and infrastructure as this happens in the background for them. Google Cloud products are a great example of this, Chrome OS updates are automatically pushed out every six weeks, whilst updates made to G Suite applications are present when a user next uses them.
This means that the time and resources saved by organisations utilising a cloud first approach can be redirected into improving and future proofing infrastructure elsewhere, making them less vulnerable to attacks like this.
Big or small, organisations of every size are vulnerable to ransomware attacks
Businesses of all sizes are susceptible to attacks of this nature, and WannaCry is a good example of this. Large organisations including Telefonica and FedEx, alongside 47 of Britain’s NHS Trusts were among the many organisations that were affected.
Typically, ransomware tends to target businesses rather than individuals. This is due to the fact that businesses often have more at risk, such as loss of data, and would therefore more likely pay the ransom.
The perception that the best data security solutions are expensive and therefore the reserve of large organisations is being challenged through cloud infrastructure. Google Cloud Platform offers an affordable, scalable infrastructure to businesses, meaning that businesses can tap into the security of a Google data centre whilst only paying for the data that they use.
Backing up your files isn’t enough – it’s time to think Business Continuity
Backing up isn’t enough in 2017, with the focus shifting moving to business continuity. Many of the organisation affected by WannaCry are likely to have backed up their data, but whether it’s using chalk boards to display train times or delays in rescheduling appointments, getting this back online takes time.
Recovering backed up data costs both time and money and will likely impact your customers. By incorporating cloud based solutions in to your business continuity planning, the likelihood is you can return to business as usual quickly, or even avoid the outage in the first instance. Using public cloud services such as Google Cloud, where you can access data from any device, can mean it is sometimes a case of simply getting a new device in order to carry on as usual.
Never pay the ransom
Last, but not least – Do. Not. Pay. Ransom. Research indicates that only 5% of IT professionals would consider paying a ransom as there is no guarantee that your files will be returned. And in the words of the FBI; “Paying a ransom not only emboldens current cyber criminals to target more organisations, it also offers an incentive for other criminals to get involved in this type of illegal activity.”
There are tools available that are able to exploit the flaws in some ransomware encryption codes, allowing you to get some or all of your files back, although this is not always possible. If this isn’t an option to you refer to your backups.