Here is some more information about the NHS cyber-attack that started on Friday.
The Ransomware variant is called WanCrypt0r and 81,000 infections were reported in the first 12 hours. It has not only targeted the NHS but has also gone for Banks, Telecoms and Utilities worldwide.
It has been established that the criminals are exploiting a known vulnerability in Windows (MS17-010) which has already been patched, but those computers which do not have up to date Windows Updates are still vulnerable.
We have warned customers before about the Ransomware threat and the extent of this attack means that we should all consider increasing our defences, especially businesses but also homes, as Ransomware can be spread via emails.
As there is no way to guarantee 100% protection against threats, we have to make it as difficult as possible for the threat to take hold and how much you decide to do depends on the level of risk you wish to take.
1. Ensure that Windows Updates is kept up to date
Windows Updates contain security fixes (amongst other things) and computers that have not been kept up to date are vulnerable, as in the case in this attack. Admittedly Windows 10 gives you little choice when it comes to Updates (you have to have them) but if you are using any previous version of Windows – make sure that Updates are kept up to date.
If you are still using Windows XP or Vista, you shouldn’t be. These versions of Windows no longer get Windows Updates.
Microsoft have now issued a patch for XP and Vista. Go to this web page to download the patch if you are still using XP and Vista (demand is high so it may take more than one try). Please note – this patches this vulnerability only so you should still move away from these unsupported operating systems.
2. Make sure that you have a good antivirus product that is kept up to date
Good security products give a better degree of protection but they have to be kept up to date, with active subscriptions. Free antivirus is better than nothing but does not give protection that is as comprehensive as paid versions.
3. Install extra protection.
Usually, you should not have more than one security product installed on your computer at any one time, but there is a product called Malwarebytes, which can be installed as well as your existing antivirus. This increases your protection especially from Ransomware, if you install the premium version.
4. Consider your backup situation
If a computer is infected, the virus goes across a network and it is possible that any connected storage will also get infected – this includes cloud storage such as Dropbox. Having said that, Dropbox state that within 30 days of the event they can restore your files (here) and you can subscribe to extend the 30 days to 1 year if you choose. If you are using any other Cloud storage, check with them to see if they have a similar service.
It is vital that your important files are backed up and a copy kept separate from your computer. In the event of an infection, you can at least relax a little that your important data has not been encrypted.
5. Consider downtime – system backups
When a computer has Ransomware, if you have backups of important files you will not need to pay the criminals. It is likely that the computer will need to be wiped clean and Windows reinstalled, which takes time.
There is software available that can take a copy of your whole computer, which could be used to reinstall the whole system in much less time than a full reinstall. A copy once every 2 or 3 months would allow you to get back up and running in much less time.
As mentioned earlier, many viruses are spread through emails, so never click on links in emails and do not open attachments unless you know that they are genuine emails – if in doubt call the sender.
If you would like help with any of the above, give us a call on 01455 209505.