This morning I spent a very interesting hour at Stray FM’s offices in Harrogate where the very patient James Stanley talked me through the ins and outs of recording an interview. The team here felt that it was important to get some advice to businesses in Yorkshire regarding the increasing incidence of cybercrime and the medium of radio presented us with an ideal opportunity. The recent threat (Wannacry by name) which affected organisations across the world is a new type of ransomware whereby it not only encrypts your data and holds it to ransom but then goes on to exploit a vulnerability in Windows to spread around your network and attack any other Windows machines on your network.
We have also recently been notified that fraudsters have been using Trojan viruses/malware to obtain remote access to personal computers and to record the login and password information used to access accounting/payroll and other applications. Once into the system they can then edit existing beneficiary details, changing them to their own bank details to obtain funds illegally.
Here are some measures from Chris Lord, our technical director, that can help you reduce your vulnerability to attack
How do I reduce the risk of this affecting me and my organisation?
Ensure daily offsite backups of your data take place. If you have a backup of your data, they cannot hold you to ransom! Also, don’t forget any data on users’ local machines. The backup routine on your server would not normally back this local machine data up. If you’re not sure how you back up, please contact us.
Install the latest Microsoft updates on your workstations and your servers ASAP. Do not click links in any emails to do this. The email may appear to be from Microsoft or other organisations, but these are likely to be from other cyber criminals who are taking advantage of the latest situation.
Educate your end users to identify suspicious e-mails and not to open e-mails from an unknown or unusual source. DCS can offer training for your organisation to help you with this – http://bit.ly/2qwrD8Q
Strong password policy; passwords should be changed for both administrators and regular users. They should be of a complex nature – something like Password1 is weak, a coded version of a phrase like “Sunshine In Doors“ … “SunSh1n3!nD00rs#4” is much stronger and if the phrase means something to you, you have a chance of remembering it! To change your password, each user can press CTRL-ALT and DELETE (as if you were logging in, on a morning), choose the change password button, type in your existing password and type in your new password twice. That’s it!
A reputable, functioning and up-to-date anti-virus product installed on ALL your servers, PCs and laptops. DCS recommend ESET version 6 which offers built in anti-phishing protection which restricts access to malicious websites that impersonate legitimate ones. This is becoming more and more important as these links are often used as a way for ransomware (and other malware) to break into your system.
Following the above preventative measures will help minimise the risk of Wannacry and most other cyber-threats from affecting you and your organisation.
DCS have offered for some time now ‘Emergency Ransomware Recovery’ contracts, please contact us for more details. Should the worst happen and you are a victim of ransomware, it is imperative you report it as soon as possible to Action Fraud – http://www.actionfraud.police.uk/. Also, speak to the team here and we will endeavour to recover your system from back up.
More prevention tips can be found at the No More Ransom Project website – https://www.nomoreransom.org/
If you have any concerns regarding this latest threat, you can contact our calldesk by e-mail ([email protected]) or by phone (01937 541411) and we will be happy to answer any questions you may have.
Finally, remember to check your backups every day!