In the wake of the recent NHS cyber attack “WannaCry”, please be extra cautious opening emails in the morning! Spread the word! Cyber security flaws can be costly.
If your computer or server has not restarted in a while, it isn’t patched either!
*Update 15 May 2017: WannaCry variants are already out which extend this issue into more countries. This ransomware is spread via network with open services. If you are running Windows 8, XP or Vista download the correct patch from Microsoft Update Services. Windows 7 and 10 users, unless you are forcefully preventing updates, you should be up to date as these updates came out in March for these systems. Up to date antivirus software now detects earlier variants of WannaCry Ransomware. Read Trend Micro’s article here for more information.
There is much more to running a secure network, but at the basic level we can make sure our machines are up to date and have usable backups. We know our monitored client systems have up to date and patched systems with backups; yet there are many businesses and home users in Perth who are still running unpatched Windows XP machines. Coupled with unfortunately configured or missing backups, this is the recipe for a very costly experience. Think about the cost of lost sales, wages and data; the cost of repairing the encryption and restoring backups; and then add the cost of updating systems and implementing backup and security policies. Ransomware attacks like this spread through networks and the internet; each variant is more invasive than the one before.
Even the best Anti Virus software cannot prevent a new virus/ransomware/worm from setting in. Paraphrasing Australia’s Cyber Security Minister, Dan Tehan, in this Australian article, it would never be possible to be 100% sure of cyber protection. New variants of ransomware are created, circumventing previous solutions and using gaping exploits in Windows software. Keeping systems up to date is part of the solution, the best recourse is user cyber education. Knowing when an email or a link is a fake or fishy (phishy) does prevent disasters.
I like to think that Perth Business users are computer cyber savvy. I will be surprised if we receive any emergency phonecalls in the morning. Although the cyber attack that hit the NHS in Europe over the weekend has been thwarted, it doesn’t mean that this is over. Let’s take a brief minute to notice that the NSA created this code; and that the NSA checked the ‘WannaCry’ code after the hospitals in England became technologically useless; and that the NSA “forgot” that they created a kill switch. I think that is odd, but I digress! This is not the end of ransomware or cyber attacks.
As CIO’s, IT Managers, Network/System Administrators we have a responsibility to:
- Ensure computer systems are up to date – Windows 10 is the latest operating system for computers and Windows Server 2012/2016 is the latest for Servers.
- Configure your network infrastructure securely. Microsoft Network MS17-010 and Microsoft Security Bulletin.
- Ensure the patches on computer systems AND servers are up to date. *If your computer or server has not restarted in a while, it isn’t patched either!
- Keep Antivirus, firewall and security software systems up to date.
- CHECK BACKUPS!
- Educate your computer users about inappropriate emails and links.
As computer users we have the responsibility to:
- Update our Windows PCs and keep them patched with updates.
- Use Antivirus, firewalls and security systems.
- Educate ourselves about risky emails and links.
We can help your business cyber security.
Contact us if you have any worries or want to chat about business IT security.