Lessons Every Business Needs to Learn from the WannaCry Disaster
May 12, 2017 was a dark day for a number of big companies and systems. A ransomware attack that became known as WannaCry was unleashed thanks to an exploit, Eternal Blue, that was ‘stolen’ from the NSA last year and the havoc is wrecked for a few days will take a long time to recover from. Britain’s entire National Health Service was taken down, resulting in real life health crises for patients, the Spanish telecom giant Telefonica was knocked out for days and in fact companies in 150 different countries were affected, including in the US.
These companies included a lot of small businesses as well as major government and corporate players. And yet much of the damage could have been prevented with one simple act; in this case updating Windows 7 to Windows 10, as Microsoft have been strongly advising for months now.
This highlights the need for all businesses, no matter their size, to get more serious about the little, day to day updates and precautions that it’s so easy to overlook. Many business owners who were hit by WannaCry admitted they had not updated from Windows 7 to Windows 10 because 7 was working for them and employees had balked at a change to a new OS. Others had simply ‘forgotten’.
With all of this in mind here are some simple things that your business and employees should keep top of mind at all times. Yes, WannaCry was halted – by a 22-year-old IT intern in the UK, a lucky domain name buy and eventually a Microsoft patch – but it, or malware very like it, will be back, and malware is far from the only tech threat that could be prevented with some simple moves and common sense:
Upgrade Your Software Often
Yes, updating can be annoying. It can be expensive too. But it’s essential. This is especially true of Windows, which has proven to be fairly easily exploitable for years now. If you still run anything lower than Windows 10 and managed to escape WannaCry you were lucky, as 90% of the systems it affected were. Take the time to upgrade now, or, if you are still nervous, you could look at moving to a safer, harder to exploit Linux based system – it’s how Google, Facebook, Twitter, Amazon and McDonalds among others power their systems – but that will be more involved and probably call for outside help.
Back Up Your Data
The point of a ransomware attack is that it encrypts all of your data and then refuses to give it back unless you pay up fast. But if that data is backed up elsewhere, away from your system, you can’t be locked away from it for good. Should your system be hijacked once you clean it up, which is relatively straightforward, it can all be restored from that back up source, no Bitcoin (the preferred currency of hijackers) required.
Beware Email Scams
Email scams are still hugely popular with hackers looking to steal your data and they are still around in droves. And they almost always rely on human error to be successful. Yes, we know your email inbox is bursting at the seams most days but it’s essential you pay proper attention to each message you open. Hover over links, examine email addresses carefully and never share sensitive information without first confirming the recipient’s identity, either in person or with a phone call.
Use Virus Protection
Yes, no matter how sophisticated your hardware is you still need virus protection, especially if you run Windows. And you need to run it regularly and keep it updated.
Beware of USB Storage
This is an exploit tactic that is very easily overlooked. And yet it was a USB vulnerability that is believed to be how the NSA exploit was stolen. Don’t allow your employees to use USB storage from an unverified source and make sure that any USB storage device they – and you – use is virus checked prior to boot up as well.
For consultation on cabling services, GIVE US A CALL 1-800-730-3468. We ensure you that we give a good quality service.