Glyn Miles, Link-Connect Sales Director, talks about the fall-out from the latest malware attacks and how to protect yourself from being held to ransom for your own data.
Oh, I know, it wouldn’t happen to your organisation – all the protocols and training you have in place. But, it just takes one accidental click – an innocent looking speeding fine, an HMRC letter – no one in your organisation will open them – right?
In May 2017, WannaCry crippled more than 230,000 computers in 150 countries. Now coming hard on its heels is NotPetya, which struck in June.
The attack is thought to have affected over 2,000 businesses and individuals.
The Guardian reports that, according to security researchers, the malware’s advanced intrusion techniques seem to have been deliberately engineered to damage IT systems rather than extort funds. It now appears that the infection techniques used a number of different methods to ensure maximum damage to the networks it penetrated.
Whatever the motivation, the outcome for those infected was encrypted hard disc data and a demand for $300 to release it.
The New Scientist stated that Ukraine was apparently the hardest hit, with its national bank, public transport hubs and supermarkets all targeted. However, the NotPetya cyberattack also caused havoc around the world, with sixty other countries also reporting attacks.
Those infected have a clean up job to do. Hopefully they took action quickly to stop it, managed to minimise the impact on their business and are now looking at ways to prevent future malware attacks.
Unaffected businesses – once they have heaved a sigh of relief – also need to take action.
One thing is pretty certain, the attacks are getting more frequent………..more sophisticated……….…more malicious and unfortunately people are leaving themselves vulnerable.
What can you do?
We are seeing a number of our clients adding in extra security layers to their networks and many are asking us what other measures they can take to protect themselves from malware attack.
In our view, a cohesive network security policy is vital providing it combines measures to combat both internal and external vulnerabilities.
Some of the approaches you might consider include:
· Nominate or appoint an Information Security Manager.
· Ensure that all software updates and patches are current.
· Tighten administrative access to network systems and portals.
· Ensure perimeter and central firewalls are Next Generation capable.
· Relocate the demarcation between the private network and public domain to a more suitable and secure location, both geographically and logically.
· Employ a suitable and performant back up process, and apply regular tests.
· Replicate your world in the Private Cloud to remove the reliance on a single data set or physical location.
· Employ Email and Web Security measures capable of sandboxing*.
· Introduce continual staff training and reminder sessions of the need for security awareness and prudence.
· Ensure physical security protocols are adhered to and audited, including office access.
· Coordinate the network security policy to accommodate or disallow network access on personal mobile devices (BYOD).
*Sandboxing is the ability to open and screen any unknown email content, including attachments, in a sterile and off-net environment.
We would be happy to come and talk to you about the best ways to protect your business from future attack. Please get in touch by phone on 01252 740800 or email firstname.lastname@example.org.
Visit our security pages here.