Inside WannaCry and How to Protect Yourself from Future Ransomware Attacks

ransomware_wannacry

Ransomware attacks are nothing new – they are quickly becoming the tool of choice for cyber criminals and have been steadily on the increase in recent years. We don’t tend to hear much about them however, as it’s generally only individual companies or users targeted at a time. The recent WannaCry attack changed all that though, and has put ransomware very much under the spotlight.

What was WannaCry?

WannaCry was a worldwide cyberattack that started on 12 May 2017, and targeted computers running the Microsoft Windows operating system, encrypting data and demanding ransom to return the files. What was particularly devastating about WannaCry was the fact it was also a worm, meaning it travelled via networks to other computers. Within a day of it first appearing, over 230,000 computers in more than 150 countries were infected, with high profile victims including FedEx, Duetsche Bahn, and sections of the UK’s National Health Service.

Preventing a ransomware attack

While the threat from WannaCry has now subsided, the outbreak itself has been a real wake-up call to companies across the globe. It’s brought the danger of ransomware into clear focus, and really reiterated the importance of making sure you’re not vulnerable to future attacks.

We published a blog recently focussing on email security, and some general tips on protecting yourself from scammers which is a valuable read. However, when it comes to malware, and especially ransomware, there are three top tips to minimise the chances of your company being the next victim.

1. Educate your staff on cybersecurity 

While WannaCry was a little different in that it was a worm, ransomware is often delivered as a loaded hyperlink that is accidently opened through an email, webpage ad or even through social media. Make sure your employees understand what they should and shouldn’t be opening or clicking on.

2. Always apply the latest patches. 

Those annoying messages you get telling you an update is available? Well, don’t ignore them! It’s the first line of defence against infection, and your patches should always be up to date. And it’s not just Windows, malicious software can spread through other types of software such as Adobe and Java, so always install any updates that pop up.  Also make sure you’re running a supported version of your software. WannaCry targeted versions of Windows such as XP and 2003 that Microsoft don’t even offer updates for any more. Upgrading your systems may seem like an expense you can’t justify, but it could cost you even more down the line.

3. Get the right anti-virus protection 

Ransomware – and malware in general – is getting more and more sophisticated, so many of the more traditional anti-viral software may no longer be up to the job. This software traditionally relies on static, signature-based methods to detect ransomware, but just can’t keep up with the continuous modifications. Increasingly, the future is in behaviour-based detection mechanisms, which can scrutinise what processes are doing and identify if they are malicious before quarantining and removing them. So talk to your IT team or supplier to ensure your company’s systems have the protection they need.

Of course, as a last line of defence you should make sure all your data is regularly backed up, preferably in a remote, unconnected backup or storage facility so if the worst should happen you can recover your files (paying the ransom is generally discouraged, and is also no guarantee of getting your data returned to you). But as with most things in life, prevention is very definitely better than cure.

It’s not easy staying ahead of malware attacks. Luckily with eWAY, we have invested heavily in gaining Tier-1 PCI-compliance accreditation to protect customers from fraud attacks – Being secure and meeting PCI DSS requirements is a lot simpler when you know your service provider is secure and compliant. We’re recognised within the payments industry as a market leader in providing technical innovation, a robust infrastructure and best-in-class customer support. To get started today with Australia and New Zealand’s leading credit card payment solution, call us on 1800 10 65 65, enquire online or get started with same day setup today.