Our IT security advice in light of the recent Ransomware attacks

 

Ramsomware alert image

 

Following the recent spate of high profile ransomware attacks (read about WannaCry here), we wanted to reiterate that there are simple steps to minimise the likelihood of such attacks affecting your organisation.  Please raise awareness within your organisation of what everyone should be looking out for.  

 

Everyone needs to be vigilant

Ransomware usually starts from a malicious email or website, so always think before opening attachments in an email or clicking links or downloads from a website.   

It goes without saying that you should never open an attachment if the email looks at all suspicious, even when the sender appears to be someone you know, and even if the file does not appear to be an executable (.exe) file.

Today’s criminals have come a long way from the poorly spelt and presented emails that were sent previously and are taking time to craft emails that are virtually indistinguishable from genuine ones. Grammatically correct with no spelling mistakes, and often written in a way that is relevant to you and your position in the organisation.  

So you need to be thinking...  

·         Am I expecting the attachment?
·         Do I recognise the email address - not just the name displayed but the actual email address that sent it?
 
If in any doubt, don’t open the attachment. You can always contact the sender (even using the email address you already have) and check that it is legitimate.

Take a look at this screenshot put together by Co-operative Systems showing you how to spot a rogue email.
 
Although we check that our members have systems in place which can help to filter out these issues, it is not always possible to completely block them all.   
We can't stress enough that this is definitely a case where prevention is key.

 

Ensure you are up to date with updates & patches (and not using obsolete operating systems)

You will have read in connection to the NHS attacks about the risks of using out-of-support software.  

This currently includes Windows XP (which has been at 'end of life' since early 2014), Windows Vista and Windows 8 (not yet Windows 8.1).

You should also check your firewall and anti virus subscriptions are renewed and latest updates installed and be aware that Office 2007 will be no longer be supported from October 10th 2017.

 

Check your backups

Fundamental to IT security is a robust back up system in place to guard against loss of data.  If you have good effective backups in place, this will enable a fast restore to a pre-infected state should you be attacked.  

It's important to check your backup solution is working on a regular basis so you can be confident there is as little as possible disruption to business continuity should you need to restore your data from it.

You might be using online services, or tapes / external hard drives, and generated with or without backup software - check that these are saving properly and that you would be able to restore from them if necessary.  If there is an error message, always take action to resolve any issues before it's too late.

If you are using online file storage check details with your provider.  We recently found out that the personal version of Dropbox only allows you to restore a file going back 30 days - however there is an option to extend this period.