As you undoubtedly read online or saw in the news, a brand new “ransomware” virus called WannaCry impacted over 150 countries, 250,000 computers across multiple verticals including healthcare and banking.
In March, I wrote about the seriousness of security threats, malware, and ransomware on our FlexManage blog, and what we can do about it to protect our client’s data. With the WannaCry ransomware impacting hundreds of thousands across the globe, I want to be certain that we are providing you with the most up-to-date information on what we can do here at FlexManage to assist you.
What is WannaCry?
WannaCry is an insanely fast-spreading ransomware malware that leverages a Windows SMB exploit to remotely target a computer running on unpatched or unsupported versions of Windows. To highlight the severity of this attack, Microsoft President and Chief Legal Officer wrote on Microsoft’s blog that an “equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.” In fact, he went on to say that in a “completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action”.
Importantly, the Microsoft MS17-010 patch addressed the vulnerability, and all supported Windows systems fully patched as of March of 2017 should not be impacted by the virus. That being said, Microsoft just released information on WannaCry and an unprecedented “special security release” for Windows XP, Vista, and Server 2003.
Easy ways you can protect your organization against these types of attacks right now
Everyday 2,803,036 million data records are lost or stolen. That works out to 116,793 data records every hour, or 1,947 every minute, or every 32 seconds. As the law firm Baker Hostetler reported in their 2015 Data Security Incident Response Report, “no industry is immune”. It’s why our nation’s top intelligence officials have said that for the first time, “cyberattacks and digital spying have eclipsed terrorism as the top threat to national security”. The Baker report suggest that some 62 percent out of all the causes of a data breach are a result of human error, such as clicking on a suspect link or downloading an attachment from a suspicious e-mail. Here are some things you can do to protect your environment today:
- Think before you click. Instructing every employee to be extremely careful when clicking on hyperlinks and opening attachments in e-mail. It’s crucial that we all check the exact address before taking action. When in doubt, ask your IT professional or FlexManage.
- Strong firewall protection. Every organization needs to have both a strong firewall and have it updated regularly.
- A regimented patching policy for Windows, Anti-Virus and Malware, and Java that is complied with
- A password policy that requires strong passwords with a mix of uppercase, lowercase, numbers and symbols and is changed every 60-90 days.
- Shoulder surfers. Finally, we all love to have our data on the go – but so do hackers. I’m a huge proponent of purchasing these 3M privacy screens for your laptop, tablet, and mobile phones. Don’t let the person behind you see your e-mails, texts, or contact information. So many of us have data that hackers would love to get their hands on – prevent shoulder surfers with these screens. A small investment goes a very long way.
What can FlexManage do to assist
If you are not currently one of our Managed Services customers, we would like to let you know that we provide 24/7 monitoring of critical components such as servers, infrastructure, data storage and network applications and End-Point Protection that combines key components to protect clients from new and unknown viruses. Our proactive approach starts by defending our customers’ system from attacks through patching, anti-virus and anti-malware. Our team would be happy to discuss these options with you, as the security of your data is of the utmost importance to us.
I sincerely appreciate the few moments you took to read this very important message. If you have any questions whatsoever, please call or e-mail me directly and I will be more than happy to discuss this matter with you further.