WannaCry Ransomware hits global targets and businesses of all sizes are at risk

WannaCry Ransomware hits global targets and businesses of all sizes are at risk

 

 

The scale of the WannaCry ransomware attack over the weekend, both in terms of global reach and the prominence of the victim organisations, took many by surprise.

The NHS in the UK, telecoms company Telefonica and electricity supply company Iberdrola in Spain, Renault in France, Deutsche Bahn in Germany and FedEx in the US and many other organisations around the world all suffered disruption to a greater or lesser extent.

The hunt is now on for the group who delivered this attack but regardless of whether they are uncovered, the fact is that cyber-attacks will continue to proliferate and not just high profile organisations are the victims.

Ransomware and other malware attacks are often delivered by malicious email campaigns known as phishing attacks. However, this attack exploited a Windows vulnerability known as EternalBlue and required no user intervention.

Microsoft issued a patch for this vulnerability in April for Windows 7 and Windows 10 and then took the unusual step on Saturday, of providing a patch for the no longer supported Windows XP and Windows 8.

As WannaCry spread so far and so rapidly, the number of unpatched systems around the world became apparent and more than 200,000 victims in 150 countries felt the effects.

As the events of the weekend showed, ransomware is highly disruptive causing major downtime and leading to costly remediation – and unless recent and reliable backups are in place it is difficult to recover without resorting to bowing to the extortionists ransom demands.

How do you protect your home and business systems from this attack and ransomware in general? There is excellent advice here from the National Cyber Security Centre, follow the various links to learn how to apply the latest patches and how to combat ransomware.

We would also recommend that your business has a security audit to identify any unpatched devices and recommend urgent remedial action where necessary. To learn more about security audits please contact us on 01209 340030 or by email enquiries@cfsystems.biz