The WannaCry Cyber Attack has made worldwide news over the past few days. And as a Managed Service Provider with expertise in IT security, we have received a lot of questions about the details of the attack and what businesses can do to protect themselves. Below is our WannaCry cheat sheet, providing a quick overview of what happened.
What Does WannaCry Do?
Cyber attackers spread ransomware, known as WannaCry, to computers around the world. The ransomware locks down all the files on an infected computer, at which point the hackers demand $300 to release control of the files.
How it happened
WannaCry takes advantage of a vulnerability in Microsoft Windows. The software tools to create the attack were revealed in April among a variety of NSA spy tools that were either leaked or stolen. The tools were made public by a hacking group called the Shadow Brokers.
Microsoft released a security patch for the vulnerabilities in March. But many organisations, including some NHS trusts, don’t automatically update their systems because Windows updates can interfere with their legacy software programs. Consumers are at risk because some people with older PCs disabled automatic updates, and didn’t get Microsoft’s automatic security patch.
How widespread is the damage?
The attack has been found in 150 countries, affecting 230,000 computers according to Europol, the European law enforcement agency. Aside from the NHS, other high profile victims were FedEx and Nissan. The Russian Central Bank, Russian Railways, Russia’s Interior Ministry, Megafon and Telefónica were also hit.
Who is vulnerable?
Anyone who hasn’t updated their Windows PC recently is vulnerable. Microsoft released a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003. So even people with older computers should update them.
Apple computers were not targeted by this ransomware attack. Hackers usually target Windows machines as there are so many more of them across the world.
How to prevent being attacked
Our IT security experts advise that you don’t rely on any single vendor solution to fully protect your business. Implement a range of different vendor solutions or services that cover different aspects of IT security, and even overlap. This will create layers of IT security around your organisation and make you less vulnerable.
To find out exactly what you need, we suggest you contact a reputable IT company specialising in cyber security for a free consultation.
- Disable your computer’s Server Message Block service.
- Install Microsoft’s patch.
- Back up your data on an offline hard drive.
- Install all Windows updates.
- Use a reputable security software to prevent attacks in the future.
Who is behind the attack?
The hackers remain anonymous for now. A 22-year old security researcher discovered a “kill-switch” to initially stop the spread of the attack, and the ease of stopping the attack suggests the hackers were new to this game.
What happens next
Computers and networks that haven’t recently updated their systems continue to be at risk because the ransomware is still out there. Plus we believe the hackers have issued a new version of the virus, so everyone should remain vigilant—not opening unknown attachments and ensuring all updates are installed.
The battle is on-going.
BTA is one of the leading IT support companies in London, providing comprehensive out-sourced IT support to businesses looking for a competitive edge through technology. BTA can help your company navigate the challenges that lie ahead with regards to cyber security, cloud solutions and data storage. As one of the most established IT support companies in the UK, BTA offers strategic insight and IT consultancy your business can trust. Email firstname.lastname@example.org for more info.