What You Need to Know About the "WannaCry" Cyberattack
Posted on 05/17/2017 at 08:00 AM
Unless you’ve been living under a rock, you’ve probably already heard about the massive cyberattack which began last Friday afternoon (May 12th). As the largest of its kind in history, the impact of the attack has been felt globally, reaching over 150 countries. Though the number of affected systems is growing, most sources are reporting that over 300,000 computers have been infected thus far. While the threat slowed as of Monday, experts are concerned that new versions of the virus could still surface.
Exactly what is ‘WannaCry?’
A definitive conclusion has not yet been reached, and experts are still disagreeing about exactly what the virus is and precisely how it spread. However, we do know that the virus, dubbed ‘WannaCry,’ was a “ransomware” attack, meaning the malware works to essentially hold user files hostage until the victim pays a ransom to unlock them. At the point of infection, a message is displayed to users: “Oops, your files have been encrypted!” It then demands a sum of money, usually around $300 in Bitcoin, in order to release the user’s files.
Should victims cave to the demand for ransom?
While early reports estimated that attackers could collect over a $1 billion from victims desperate to regain access to their files, experts are now saying it is much less than that, closer to $50,000. In any case, paying the ransom is not a recommended solution. Though it could work in some cases, there is no guarantee that this will safely restore your files, as we must remember we are dealing with cybercriminals who cannot be trusted to deliver. In fact, experts worry that surrendering to the demands for ransom may encourage attackers to strike again.
Who was affected?
Among some of the companies and government agencies affected were FedEx, Britain’s National Health Service, and the Russian Interior Ministry. British hospitals and medical facilities were hit particularly hard. It was reported that around 45 facilities were crippled from operations, as the virus prevented doctors from accessing patient files. It also forced emergency rooms to divert patients to other facilities.
Who is susceptible?
Though the attack itself appears to have been indiscriminate, aiming for volume rather than a specific audience, it does seem that businesses and large organizations are particularly susceptible. This was especially true for those with outdated software, as the attack exploited a known flaw in a Windows protocol which many businesses and organizations rely on to send and share files.
How does the virus spread?
Many cybersecurity authorities are blaming phishing emails (email messages that contain infected malware in the form of attachments or links to files), as that’s usually how ransomware spreads.
However, WannaCry doesn’t always follow this pattern, which has left even the most experienced of experts shaking their heads. As the investigation continues, we will likely see a number of theories emerge that we hope will shed light on how this virus operates.
How is an attack of this nature avoided?
Global Reach does our part…
Global Reach takes security very seriously and our standard operating procedures include many precautionary layers by default to ensure a safe hosting environment for your website.
We ensure our security protocol is up-to-date when it comes to antivirus and antimalware software, including spam filters and firewalls. Our systems are patched on a routine basis. We abide by the Payment Card Industry Data Security Standards and are PCI Compliant, meaning that we can accept, process, store or transmit credit card information because we have met a set of very strict security requirements.
While we make it a point to go above and beyond to protect our clients, and our practices greatly reduce your vulnerability to these attacks, they are not silver bullets. Security should involve many layers, and some of those layers can only be put into practice locally, by you.
To be truly secure, you need to do your part as well...
Additional steps should be taken to safeguard yourself. For instance, participating in user training on how to prevent infections and limit damage is a huge step toward blocking attacks of this nature. Ensuring regular backups of your systems are taking place, backups that include off-site copies can help make certain that if the worst does happen, you can quickly regain access to mission-critical files in order to return operations to your business or organization. Also, make sure you install Windows updates when they are available. Finally, if your system is so out of date that Windows updates are not available, understand that your equipment is virtually obsolete, and it is time to upgrade.
Need Our Guidance?
Our IT support services can help safeguard and prepare you for an attack, be it through on-site help or through consulting on best security practices you can incorporate into your daily routine. Reach out to us today to find out if you’re doing everything you can to reduce your vulnerability to a cyberattack.
Categories: Safety and Security