6 Ways to Protect Yourself Against Cyber Crime

6 Ways to Protect Yourself Against Cyber Crime

 (0)    0

  ProductsTraining Industry News  

wannacryThe recent international Ransomware attack of the Wannacry virus has brought to the fore the need for expertise and vigilance around cyber crime.

In a world where we rely more on technology than ever, it has never been more important to protect your business, and your data.

This ransomware attack was on an unprecedented scale, and unbelievably started from just one email to a single unsuspecting user, somewhere in Europe. That victim unwittingly opened an email, clicked on its attachment, and let Wannacry into their system.

Using a file-sharing process previously stolen from the US National Security Agency, the virus latched onto the filesharing settings of the host computer, and copied files into dropboxes and shared drives of other computers. This process repeated again, and again, until thousands of organisations all around the world were affected. In the few hours before it was discovered, it made its way around 150 countries.

The virus exploited a security weakness in some versions of Microsoft Windows, namely Windows Server 2003, Windows XP and Windows 8. These versions of the platform do not receive free security updates from Microsoft, putting them vulnerable to attack.

The consequences of Wannacry were, at best, commercially crippling for businesses who had their payment systems cut off, at worst, NHS patients failed to receive lifesaving medical care.

Big Organisations Fell Victim

Worryingly, many of the organisations affected by this virus were big players, so it came as a shock that names such as the ones listed below succumbed to the attack.

  • The UK’s NHS
  • Spain’s mobile technology giant Telefonica
  • Renault
  • Deutsche Bahn
  • FedEx
  • Nissan
  • Hitachi
  • Russia’s Central Bank, Russian Railways and the Interior Ministry
  • India’s state police force
  • Bank of China
  • Japan’s government offices
  • Brazil’s Foreign Ministry

Workers arrived at their desk on Friday morning to a message warning that their files had been encrypted. The computers were rendered useless in the short term, but the files would be decrypted if they made a bitcoin payment of $300 to a named url. The deadline for payment was three days, and if the money was not transferred, the files would start to be destroyed.

An International Hero

After a few hours, the knight in shining armour was a 22 year old British security researcher who is an online blogger writing under the pseudonym of MalwareTech. He noticed that the domain to which the threats pointed was unregistered, so he took control of it and stopped the malware in its tracks.

MalwareTech is an international hero thanks to his quick thinking, but there is no doubt that this remedial action is only a temporary fix. Experts are already viewing this attack as a ‘warm up’ with another more sophisticated attack expected in the not too distant future.

You can read the story of how MalwareTech beat this strain of WannaCry here.

So what can you do to protect your business from cyber attacks like this one?

We know that malware is constantly evolving to try and stay one step ahead of anti-virus software, but you can minimise your risk with some fairly simple steps. Here are just a few ideas on how you can mitigate your risk:

1. If you use one of the affected platforms, you can download a security patch here. If you use a supported version of Windows and receive security updates, ensure they are installed and up to date.
2. Make sure your virus protection is updated regularly.
3. Follow the golden rules… NEVER open any attachment that you are not expecting, is from an unknown source or has a strange sounding or misspelt name.
4. Implement a mandatory password change process where users are required to use a unique password every 30 days.
5. Back up your sensitive files to an old computer which is NOT connected to the internet.
6. Train your staff to arm your business against attack.

If you would like advice on the training available around cyber crime, you can talk to one of our friendly advisers on 0115 8705075, or email us on trainingteam@envisiontraining.co.uk.

Sources:

The Daily Telegraph www.telegraph.co.uk

Financial Times www.ft.com

www.Ibtimes.co.uk

 (0)    0

Your comment has been sent successfully. Thanks for comment!
Leave a Comment
Captcha