How to Keep Your Company Safe from the WannaCry Virus
As you may be aware, a new ransomware virus is spreading throughout large corporations, including the healthcare, telecom, and other industries resulting in 200,000 attacks in over 150 countries. Businesses are still dealing with the fallout from this malicious attack, which is designed to lock files on a computer or server and demand payment to unlock them. Europol has called the attack “unprecedented” in size and virality.
How Ransomware Infiltrates Your Environment
Like other ransomware viruses before it, WannaCry took advantage of a vulnerability in the Windows XP operating system on PCs, prompting Microsoft to send a fix for the security flaw. But, like many other business owners, users often procrastinate when it comes to running updates and patches.
Am I at risk?
The WannaCry virus affects machines running the Windows operating system. If your organization is running a version of Windows, you could be at risk.
What should I do to protect myself?
The honest answer is this: you should already be protected. The time it takes to dig yourself out of a ransomware attack is lengthy, and it isn’t going to be pretty. The best method of protection, is prevention. Utilizing a monitoring service that also manages your system updates is the best way to ensure your company’s digital safety.
Businesses of all sizes should:
- Run Windows Update to apply the Microsoft-issued patch to get the latest software updates.
- Make sure you’re running an anti-virus product to protect against malicious programs.
- Back up important data so you’re not stranded in the event of your servers being held hostage.
- Be cautious when opening emails that you did not expect to receive. These malicious emails can appear very convincing, and pack a serious punch. When in doubt, reach out to the sender and verify that the email is legitimate. Never open attachments that appear suspicious or are unexpected.
- Use a complex password for all of your platforms, both web-based and locally installed. The best safeguard against unauthorized use of your accounts is a strong, unique password.
Mid-market and Large Organizations should:
- Apply the latest Windows Update
- Run additional backups of important data
- Scan incoming AND outgoing emails for malicious attachments
- Ensure all anti-virus programs are up to date, licensed, and properly installed
- Train employees on how to identify malicious attachments
- Implement a “penetration test” against your networks security at least once a year, per the Department of Homeland Security
What if I’ve been attacked?
- Do not pay the ransom demanded by the virus. There is no guarantee that the hackers will return your data to you intact, if at all.
- For businesses, it may be worth it to engage with a Managed Services Provider to help mitigate the attack.
- Restore backups of data
- Contact law enforcement
Ransomware Prevention
While all companies have the best intentions when it comes to be proactive about their IT security, they oftentimes end up reacting to a crisis rather than preventing one. To have true peace of mind, businesses of all sizes can entrust their network security to be constantly monitored for suspicious activity, as well as have any updates or patches proactively installed. Managed Services Providers work to prevent intrusions from occurring through preventative maintenance, leaving businesses more time to focus on their core competencies.
If your team would like to explore proactive managed services for your on-premise servers and Windows-based hardware that is not managed by Trapp Technology, we are here to help. Trapp has a full suite of infrastructure and security managed services to help you get updated, patched and protected. To start the conversation regarding Trapp Technology’s managed services, click here to fill out the interest form.
I’m a Trapp Technology customer. Am I at risk?
Your Trapp Technology servers are protected and are not vulnerable to this malware. This specific malware is taking advantage of a Windows vulnerability that is not applicable to our customers’ servers. We take the security of our users’ environments very seriously, and have taken proactive counter measures to further mitigate the potential for any security threat, real or perceived.