“This is not just a rapidly spreading attack, but also one with a profit motive. It is the latest in a long line of “Ransomware” programs: malicious code which first encrypts all the computer’s data with random keys, encrypts those keys with a public key belonging to the attacker, and finally presents the user with a ransom message. If the user wants to access the data, they must pay the attacker to release the keys used to encrypt the computer. Otherwise the computer can only be restored from backup (presuming the backup wasn’t also attached to the computer and encrypted by the same attack).” – Nicholas Weaver, Senior Staff Researcher, International Computer Science Institute in Berkeley, California.
How to protect yourself.
- Update your software. If your business is running Windows machines, you MUST update to the latest version of Windows immediately to get the patch that was released on March 14. Note: unsupported versions of Windows (like XP) did not receive this update and should be shut down immediately.
- Back up regularly and keep a recent backup copy off-site. According to Sophos, there are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
- Ensure your business is protected with an external security audit. At MSS, our cyber security expert team will conduct an external assessment of your current security environment to understand your risks and threats, and help you prioritise and rectify major gaps.
- Educate your employees. Help your business users understand what to look for as the first line of defence against ransomware. Use the free anti-ransomware kit below for your business.
- Upgrade your end-user protection. If you value your data, there is no room for second best. Sophos Intercept X is proven to stop ransomware in its tracks by blocking the unauthorized encryption of files.
Global leaders in ransomware protection, Sophos, have released this free Anti-Ransomware Kit
- Anti-ransomware security checklist
- How to stop ransomware whitepaper
- Posters for your workplace
- PPT presentation to educate employees
- Recorded webinar for employees
- Email promoting webinar