Reports about the largest ransomware attack in history have been everywhere for the past two weeks. Corporations, governments, and private citizens seem terrified at the prospect of a cyber attack on this scale. Their concerns are justified.
Nearly 200,000 computers in 150 different countries were affected by the attack. ‘WannaCry’ may have been the largest attack of this nature in history, but it certainly won’t be the last. Even after a 22 year-old security analyst accidentally stopped the attack and Microsoft issued a fresh patch for its older software, experts warn that more than 1.3 million devices remain vulnerable to more attacks.
Cyberattacks have risen by 50% in the past twelve months alone. A clear majority (70%) of these are ransomware attacks, according to a report by Verizon.
Even though some decryption tools became available, like the Wannakey, that retrieves the private RSA key used by WannaCry, or the WanaKiwi, it is not certain if the victim can retrieve their data. And the damage of lost or even stolen data can be irreversible.
The next attack can be expected to be much more sophisticated and widespread. Protecting against the inevitable should be top priority for businesses across the world, so here’s what you can do to protect yourself and your data:
WannaCry was a specific ransomware designed to exploit a vulnerability in Microsoft’s Windows 8, Windows XP, and Windows Server 2003 operating systems. If all those sound old, that’s because they are. Government agencies, large corporations, and healthcare providers are usually pretty behind on updating their software, which made them particularly vulnerable. The attack started off with Britain’s National Health Service and spread from there to other older OSes.
The best way to combat this is to make sure all your business software is up-to-date. Auto Updates are best for small businesses, but you might have to hire an IT expert if your business runs on proprietary software.
Storing backup data on a secure server in a secure location (like Switzerland) could help you recover files even if your systems are held to ransom.
It helps to have basic security features installed throughout your business. Not all attacks are ransomware attacks, so taking precautions against other forms of cybercrime is imperative. Deploy a firewall on your work stations, install a professional version of antivirus, encrypt all your data and use platforms that store communications and files behind a two-factor authentication system. Covering all the security basics will lower the risk of damage from any type of cyber attack.
Perhaps the most important thing you can do is train your staff. Despite their technical sophistication, cyber attackers still seek out human error as a way to infiltrate a system. Data loss is far more likely due to human error than by malicious attacks. Take the time to hire a security expert to help your staff learn the basics of staying safe online. Regular workshops and training sessions at work should help immensely.
Unfortunately, cyber attacks like WannaCry are expected to keep growing and getting more serious. This time the attack temporarily took out health services and government agencies, next time it could steal bank savings, customer credit card details, or sensitive information from large firms.
Most businesses fail to protect themselves appropriately, despite the growing frequency of such attacks. The steps outlined in this article are simple but effective ways of cutting down the risk to your business and personal data.