The recent global ransomware attack, referred to as ‘WannaCry’, that resulted in over 45,000 attacks and infected major companies, hospitals and other government institutions, unfortunately caught many off guard.
WannaCry targeted computers running Windows operating systems that had not been updated with a security update released by Microsoft in March 2017, as well as computers using older, out of support operating systems like Windows XP that had no available security patch for the known vulnerability exploited by WannaCry.
Though the ransomware attack has been halted, if somewhat accidentally, it is possible that other variants of the malware are still active and therefore are continuing to spread.
Sysnet recommend that all users of Windows operating systems ensure that those operating systems are up to date and have installed the update Microsoft Security Bulletin MS17-010. Take the following steps: Enable Windows Update, update the operating system and then reboot. Microsoft announced that they have also released for manual download the security update for out of date platforms that have Microsoft’s Custom Support: Windows XP, Windows 8, and Windows Server 2003.
Ransomware – What can organisations and businesses do to protect themselves?
Prevention is better than cure, with that in mind, when it comes to protecting against ransomware we strongly recommend that the guidance given in our previous articles is read and shared:
- Ransomware – Tips on prevention, response and evading extortion
- Ransomware – Did you update your incident response plan?
- New tools in the fight against ransomware
Unlike most types of crime, ransomware is a straightforward and direct way to generate revenue for criminals. There’s no need for complex money laundering or ‘cashing out’. Unfortunately, therefore, the threat from ransomware is expected to continue and expand in 2017.
Sysnet has extensive experience in compliance and security. Our passion for pragmatic and innovative solutions when it comes to addressing Cybersecurity problems allows us to be the thought leaders in the market when it comes to addressing such multi-layered and complicated challenges related to security.
We can also help you in designing, implementing and documenting appropriate security controls, procedures and policies to meet your obligations, all within a holistic cybersecurity framework that takes into account all other applicable standards or regulations that are appropriate for your business.
If you are a merchant that requires technical or PCI DSS help, please click here