How To Prevent Ransomware in 2017
In May 2017, a message greeted workers in the UK’s National Health Service (NHS): “Oops, your files have been encrypted!”
This is how malware known as WannaCry made its debut. With systems locked and critical files encrypted, medical offices closed and hospitals were left with no choice but to turn patients away. How did this happen? Security experts believe an NHS user clicked a link or opened a file they shouldn’t have. Others pointed the finger at the NHS’s network of outdated hardware and unsupported software as the main factor that rapidly increased the spread of WannaCry.
Spreading ransomware isn’t hard because it is easy and cheap to spread. In the case of WannaCry, it can infect connected systems without any user interaction. When it infects new systems, it “locks” the users files, demanding a fee to unlock them and give access back to the user. Given how quickly ransomware can spread, it can easily increase the pressure on an organization, like NHS, to pay. If all of their files are locked, and they have no disaster recovery plan, the only way to do business is to pay the fee and unlock the files.
Is healthcare more vulnerable to attacks?
Healthcare organizations are attractive targets to hackers because of the following:
- Most healthcare organizations have older hardware, software and security systems
- Easy to bypass security systems that are either outdated or misconfigured
- The data healthcare organizations hold is extremely valuable – sensitive patient health records and personal information
How to stop ransomware infecting your organization:
Prevention is better than cure – especially when it comes to the security of your IT. Even if you are dealing with a tight budget, you don’t necessarily have to spend a lot to ensure your network remains free of attacks like WannaCry.
Your users should be the first line of defense. If employees don’t know what to look for, how can you expect them to prevent an attack? Here are some tips for keeping your staff ready to defend:
- Train your staff so they know how to identify phishing attacks that could contain malicious ransomware
- Have a clear email security protocol that discourages users from clicking on suspicious links, attachments or emails
- If a computer is infected, isolate it from the network and alert all staff
In addition you should have a disaster recovery and back-up plan in place. Should disaster strike, and your organization is attacked, a disaster recovery plan can mean the difference between paying thousands of dollars and shutting down or a few minutes of downtime and back to business as normal. Some general preventative measures include:
- Running updated software with the latest security patches
- Regularly back up your systems to physical sources and the cloud
- Working with a Managed Service Provider to regularly check security
- Hosted Exchange for email
- Cloud based data storage
Ransomware is constantly evolving. As threats evolve so will the need to protect your business. Contact Datasmith to make sure your defense is strong and able to protect you against attacks.