WannaCry 2.0 Malware Strikes Global Businesses
Here We Go Again! WannaCry 2.0 Malware Strikes Global Businesses
Posted on May 17, 2017 in IT Security
On Friday and over the weekend, a major piece of malware infected hundreds of thousands of computers, taking down everything from businesses to the U.K.’s National Health Service. The malware was called WannaCry 2.0.
Ransomware is malicious software that burrows into your computer and encrypts the files on your machine, keeping you from being able to access them. The malware’s creator then asks that you to pay a fee to unlock your data. WannaCry 2.0 uses a vulnerability in Microsoft’s (MSFT) Windows operating system to attack users’ computers.
The first wave of the WannaCry 2.0 attacks seems to have passed. But chances some hacker will repurpose the malware and send it back into the wild again. There has been some talk that the next wave could specifically target businesses, both large and small, in the United States.
Ransomware doesn’t just appear on your computer. It has to be downloaded. And while you could swear up and down that you’d never be tricked into downloading malware, cybercriminals get plenty of people to do just that. This typically happens by opening and clicking on links or attachments in an infected email.
That email you opened to get ransomware on your computer in the first place was specifically written to get you to believe it was real. That’s because criminals use social engineering to craft their messages. For example, hackers can determine your location and send emails that look like they’re from companies based in your country.
It’s not just email, though. An attack known as a drive-by can affect you if you simply visit certain websites. That’s because criminals have the ability to inject their malware into ads or links on poorly secured sites. When you go to such a site, you’ll download the ransomware.
How to protect yourself:
Software and OS Updates
The very best way to protect yourself from these types of attacks is to constantly update your operating system’s software and apps like Microsoft Office and Adobe Flash Player. For businesses, there are patch management systems that can monitor all of your business computers for outdated versions, automatically download the updates needed and then push them out from a central repository. No business owner has the time to constantly stay on top of the amount of updates needed to truly be protected. A software system designed to do this heavy lifting for you is the way to go.
Always maintain and test a reliable system to back up your files. You can either do that by backing them up to an offsite data backup service or by backing up to a near line storage or external drive. Some ransomware can infect your backups however so you will want to choose a business option rather relying on a Google Drive or other “retail” level system. If you’re backing up to an external hard drive, you’ll want to disconnect it from your PC when you’re finished.
Anti-virus software and Internet content filtering
An up-to-date and properly licensed anti-virus software will help prevent malware from becoming present on your machines. Internet content filtering will help block websites that are potential problems in the first place thereby lowering your chances of accidentally visiting one of these sites to begin with.
Find out just where you are with your technology
Technology should never be considered a “set it and forget it” part of your business. It takes constant tweaking, monitoring and maintenance to make your system reliable. You should strongly consider having a formal IT Security Assessment performed on your system no matter how large for small your business is as these formal scans can give you an excellent chance to find out just where you have vulnerabilities.
We can assist you with any of the above protection measures mentioned above. It is far less costly to be proactive than it is to be reactive. NOW is the time to find out, not later or…….after!