How can I protect my business from ransomware like WannaCry?

Don’t let your organisation fall victim to large-scale cyber attacks 

Last month, organisations of all sizes from around the world were hit by a large-scale cyber attack known as WannaCry – leaving them unable to access systems and data. The attack continued to affect companies over the days that have followed. But what is WannaCry?
Well, WannaCry is a form of ransomware – meaning that it’s a computer virus which encrypts files and keeps them encrypted until the hacker receives payment. WannaCry takes advantage of vulnerabilities in old Microsoft Windows systems, leaving anyone without the latest version in jeopardy.
So far, WannaCry has infected more than 230,000 computers in 150 different countries. High-profile victims include the NHS, which was forced to turn away patients at several trusts, as well as Spanish telecoms company Telefónica and courier service FedEx.
With this in mind, Ebuyer, an online electronics retailer, has developed some top tips for businesses to follow to keep safe from online ransomware:
  1. IT managers and directors should be taking regular steps to ensure their network is secure and all security software is up to date.
  2. Gateway security (a machine through which data packets flow) should be employed and next-generation firewalls installed to allow for deep-packet inspection – a form of computer network packet filtering that examines data as it passes an inspection point. This will help identify hidden threats passing into your network.
  3. Implement internal monitoring and endpoint protection; a methodology of protecting corporate networks when accessed via remote devices such as laptops or other wireless and mobile devices. This will prevent malicious files from gaining access to the network by human error.
  4. It is essential that a reliable and thoroughly tested backup solution be put in place. This should be segregated from the rest of the network to prevent malware from spreading to it once infected.
  5. Ensure systems are up to date and supported for exploit patches.
New data protection laws are coming into play in May 2018 which will replace the current Data Protection Act (DPA) with the General Data Protection Regulation (GDPR).
Businesses need to ensure that their systems are fully protected in order to minimise the risk of breaches. Protecting malware from gaining access is also essential for any company which relies on its network or software to run its service.
Paul Lyon, IT Director at Ebuyer, said: “The cyber attacks on the NHS and the resulting fallout have once again brought into focus the importance of security both at home and in the office. Ransomware has been around for some time but this is by far the most high-profile attack.
“Cyber crime is a growing industry and criminals are becoming significantly more sophisticated and their attacks more destructive. New threats are constantly being developed. Businesses of all sizes, as well as the ordinary home user, are vulnerable to attacks and should always be on their guard.”