Just a month after the WannaCry ransomware attach crippled the NHS, another ransomware attack has affected a dozen countries across Europe and Asia, infecting thousands of computers through the same vulnerabilities that the WannaCry attack exploited. This series of events really showcases just how important it is to take every step possible to protect your business, making sure you have systems in place to regularly update software and hardware in compliance with demand and risk and protecting your machines with anti-virus programmes and active management.
Timeline of events
Ukraine’s Central Bank was the first to be hit by the cyber-attack of the 27th June 2017, with the infection spreading into over a dozen countries including Spain, Russia, India, Poland, Germany, France, United States of America and the UK before the day’s end. While it is not yet confirmed whether these infections are the result of a single attack or if these countries and businesses were targeted individually, the virus is spreading quickly, with more and more reports coming in as time passes.
What is NotPetya / GoldenEye?
The attack was initially thought to be a utilising a variant of the Petya ransomware, however cyber-security experts are now speculating that the infection is more likely to be a result of a new ransomware known as GoldenEye, earning the attack the nickname “NotPetya”.
This virus is especially dangerous as experts have suggested that the suspect ransomware does not have a simple kill switch like the WannaCry cryptolocker did, and as a result, the damage will be much harder to control.
How to deal with a compromised client computer system
Experts advise that you do not pay the ransom, as there is no guarantee that your client’s data will be decrypted, especially as authorities have managed to assume control of and shut down the email address regulating the attack. If you have recent backups or your client’s data, the likelihood of being able to recover their infrastructure is much greater, providing a great opportunity to assess the security protocols in place and help you protect the rest of your clients, preventing the spread of the ransomware. If you do not have any usable backups, it’s a difficult call to make, but the best bet is to hold tight and speak to a specialist who can advise on the best path forward.
Protecting your clients from future attacks
The good news is, Microsoft have since updated their supported operating systems, and even released a patch for some no longer supported operating systems, to protect against the vulnerability that these recent attacks have exploited. This means that simply ensuring that your clients are running up-to-date software is already a big step in the right direction.
To ensure protection, you should also consider a few factors. The first stage to implement is a sufficient anti-virus. By simply downloading and setting up a high-quality anti-virus in your client’s systems, you are already reducing your likelihood of them falling victim to such an attack, and creating and managing effective backups of all any critical data can help you recover quickly in the event of a disaster.
Training staff on the risks
The best way to ensure the continued security of your business is to make sure that your staff and your client’s staff are properly trained on the best practises for avoiding unwanted malware, including the proper methodology for dealing with suspicious emails, pop-ups, unrecognised devices, downloading from unknown sources and more. If you do not have an in-house team who are able to provide such training for your clients, you should consult with a cyber-security specialist who can advise on in-house vulnerabilities and provide your clients’ staff the resources and knowledge that they need to build their understanding of the threats at hand and protect themselves and their business.
Speak to the experts
If you’re unsure as to any aspect of cyber-security, whether it be the best way to protect your business, implementing a routine for the proactive management and updating of critical hardware or creating and managing effective backups, speak to one of our friendly specialist team on 020 8329 1000 today and we will be happy to help.