One of the largest and worst global cyber-attack has been affecting more than 300.000 computers in 150 countries, which locks up computers into the owner piece of ransom. In this case, the hackers are asking for $300 dollars in bitcoin in order to regain control.
It’s important to understand what ransomware is and how it works. Ransomware is defined as a class of malware that is designed to block access to computer data, usually through means of encryption, until a sum of money is paid. Typically the price increases over time until the end of a countdown, when the files are destroyed. So, how a Ransomware works?
- Ransomware starts with an unsolicited email, typically designed to trick the victim into clicking on an attachment or visiting a web page.
- The ransomware leverages flaws in the computer’s operating system to force it to run a ransomware code.
- The ransomware encrypts important files on the system and demands a ransom payment using the digital currency bitcoin.
- The WannaCry ransomware uses Windows flaw to replicate itself and spread around computer networks.
WannaCry was first heard on Friday May 12th from the UK’s health service, which appeared to be one of the first major computer systems affected by the hack. It also hit Telefonica, Fedex, Latam Airlines, and several other organizations. WannaCry appears to travel across corporate networks, spreading quickly through file-sharing systems. The most venerable to be affected by this attack are computers with Microsoft Windows.
This Ransomware is actually just going through the internet looking for vulnerable computers according to security experts; that means you don’t need to click an official e-mail to get infected.
Broadview Networks believes there are 3 layers of defense against Malware:
- Security Protection:
We have solutions to protect the perimeter network (FortiGate), as well as industry leading centrally monitored Anti-Virus solutions (Eset). In addition, Managed Services provides scheduled automated patching on workstations and servers. Patching is a critical step to preventing malware outbreaks, as most exploits, including the one WannaCry uses, use exploits in the Microsoft Windows code that have already been discovered and can easily be prevented.
- User Education:
Unfortunately, most ransomware gets into an environment simply from an unsuspecting user clicking on a link or opening an email attachment. Users need to be aware of the risks, and how to spot them. It is essential for the companies to plan for the worst, with mandatory cybersecurity training for all employees and with the recommended solutions for mitigating the risk.
- Proper Backup and Business Continuity:
A good backup solution isn’t about protecting your files, it should be about keeping your business going. Our backup solution provides local and cloud virtualization, with backups as frequently as every hour, so downtime is minimized, and virtually no data is lost.
Throughout this spread of WannaCry, we’ve been able to prevent a WannaCry infection for every one of our managed services customers. We can never guarantee protection against Ransomware, but when it does happen, our techs are trained in how to respond, and our customers haven’t had to pay a penny in ransom.
Broadview Networks has the solutions designed to help today’s businesses defend against and recover from cyber-security incidents. As well as the training and best practices for your employees on cyber-security.