Expertise Beyond the Numbers

Protecting Your Business from a Ransomware Attack in the Wake of WannaCry: Five Fundamental Technology Practices to Implement Now

As the “WannaCry” ransomware attack dominates headlines (rightfully so?), how can you make sure your business is properly protected from future cyber threats? The following SC&H Group blog post from the Technology Advisory team touches on the “impact” of this most recent attack and highlights five fundamental technology practices every organization should implement to prevent your business from becoming the next ransomware victim.

One of the largest ransomware attacks to date took place this past weekend, impacting 200,000+ computers in over 100 countries. This latest attack, referred to as “WannaCry”, “WannaCrypt”, and “Wcry”, pinpointed a specific Windows vulnerability. Most of the targets affected were older operating systems, such as Windows 2003, Windows 8, and Windows XP.

Yes, you read that correctly – 2003, 8, and XP. Systems that have long since eclipsed their support period from Microsoft, and likely after multiple warnings from Microsoft. Which begs the question, why is this attack which, thanks to a 22-year-old computer security researcher’s domain registration smarts, has only netted a bit more than $55,000, caused such a stir?

This is largely due to the fact that cybersecurity is very hot right now, with ransomware robbing victims of an estimated $1 billion in 2016. The unfortunate reality is that businesses and organizations can quickly fall victim to this type of online threat and “hacks” are very much top of mind on a global scale right now.

Ransomware involves hackers installing malware that restricts access to an infected computer system. A system user typically receives an attachment via email that masquerades as an official software update, and when opened, launches the threat. From there, cyber criminals demand that the victim pay a ransom to the malware operators to remove the actual restriction.

If you are running newer operating systems, and were patched with the necessary security updates from March 2017, then good news − you are likely safe from this particular ransomware outbreak. But, what about the next version of “WannaCry” – how can you safeguard your organization from the next ransomware attack?

There are five fundamental technology practices that organizations should implement to effectively prevent ransomware and cyberattacks, which are outlined below:

  1. System Updates: One of the best ways to prepare your network for a potential ransomware attack is to keep all software and systems current with all appropriate updates.  Confirm that daily anti-virus updates are installed on every laptop and server, and are actively scanned for infections. A sound enterprise management program is vital to successfully performing these critical updates.
  2. Verify System Updates Are Initiated by A Trusted Source: Make sure that software updates are delivered from vendors or internal IT staff using agents that run on your employees’ computers – not through email.
  3. Validate Data Backups: Check to make sure you are backing up all critical data and validate backup processes, which will help recover much of the data encrypted by the attackers in the event of a breach.
  4. Test Data Restore Processes: Validate that you can properly recover and retain historical data. Too many times, organizations backup their information without verifying them with data restores.  This leads to unexpected and unwanted results.
  5. Educate Employees: Teach your employees to “think before clicking,” and cautiously consider the ramifications of opening unrequested email attachments or links. Most people have a natural willingness to click on links or open attachments received, especially if under the disguise of a co-worker or leadership team member.  Responsible computing habits are part of a good cybersecurity training program.

Many cyberattacks can often be prevented by following fundamental technology guidelines and operational best practices as well as establishing an institution-wide, risk-conscious culture. These types of threats are never anything to be taken lightly, and if anything they are blocking and tackling items that we’re counseling our clients on throughout our engagements. But part of keeping your name out of the headlines is simply making sure that you’re making sound technology decisions.

By following these five best practices, you can help prevent your organization from becoming the next victim of a ransomware attack and the focal point of a global fire drill.

Interested in learning more about ransomware prevention, and assessing your IT security? Contact SC&H Group’s Technology Advisory practice here.