Get Aligned!

The recent spread of WannaCry and NotPetya is rewriting the rules of ransomware, which is turning into something far more sinister. If these last couple of strains are an indication of things to come, we’ll be longing for the old days when ransomware had customer service helplines to help you set up your bitcoin payments and you could plead for amnesty over the phone. This new trend indicates a much darker shift, and seems to violate the very honour code that made ransomware so successful in the first place – if you pay, you get your files back. While being infected was a major inconvenience and security experts advised against ever paying the ransom, it was, at its core, a simple transaction, and one that only worked because the trust was in place. With the latest two iterations, that trust has been violated – either payments could not be made, leaving victims unable to ever recover their files, or the payment was made, but the decryption key never arrived, leaving users out of pocket with nothing to show for it.

This raises the question: if ransomware isn’t being used to make money, then why bother? Chaos, for chaos’ sake. Who exactly is behind the most recent attack is still unknown; however, it’s becoming increasingly clear that the motive was much more anarchistic than was previously thought. What does this mean for attacks in the future? First, if a ransom is not truly expected to be paid, then “ransomware” is probably the wrong terminology for this, so expect another catchy name to distinguish these attacks from others (or maybe we’ll just revert back to the good ol’ “malware” phrasing). Second, the goal will most likely be widespread system failure, so viruses that can spread quickly from machine to machine within a network will be favoured (as NotPetya does by harvesting admin credentials). Companies will begin to see more strategic targets rather than the previous numbers game which was played by the old ransomware. Finally, the new version will adapt and become smarter. What used to be rudimentary but effective will now become much more insidious and clever as it adapts to safeguards put in place. The future of ransomware is unclear, but what is clear is that now more than ever adequate security checks, employee training, and appropriate software need to be put in place to protect your environment.

So what can you do to keep your environment safe? Best practice is that for a reason, so abide by it whenever possible. Below are some basic starting points for helping to secure your environment:

  • Limit the administrator access on your environment; no one should be working from administrator-enabled accounts for their day-to-day tasks. They should only be used for administrative tasks, and access should be granted sparingly; access should be revoked whenever there is not a clear-cut need for it.
  • Lock it down. Any ports not in use should have outside access blocked, and your computers should only have the required software on them. The more programmes you have installed, the greater the possibility for a vulnerability or hacked update file.
  • Update, update, update. Install patches as soon as possible. Once the patch is made public, that means the vulnerability is public as well, so the clock is ticking for someone to find a way to exploit it.
  • Backup, backup, backup. Losing your files can be devastating for a company. Review your backup procedures and make sure you have something viable to roll back to if something does happen to your files. Having a backup doesn’t help anything if it’s six months old. Also, make sure you have a regular backup testing regime and ensure you have off-site, air-gapped backups.
  • Educate your users. Make sure they know how to keep themselves safe, and make sure you have software (antivirus, Cisco Umbrella, etc.) that will support them. Accidents do happen, but the more layers of protection you have, the better.
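
One way to run the backup test described in the list above, as an added example that is not from the original post: it records SHA-256 hashes at backup time, then flags a test restore that is older than a threshold or whose files are missing, altered or unexpected. The 7-day limit, the file names and the function names are assumptions made for illustration.

```python
import hashlib
import tempfile
import time
from pathlib import Path

MAX_AGE_DAYS = 7  # assumed policy threshold, not taken from the article

def sha256_file(path):
    """Hash a file in chunks so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Map relative path -> SHA-256 for every file under root (run at backup time)."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_restore(manifest, created_at, restored_root, now=None,
                   max_age_days=MAX_AGE_DAYS):
    """Return findings; an empty list means the backup is fresh and restores intact."""
    now = time.time() if now is None else now
    findings = []
    age_days = (now - created_at) / 86400
    if age_days > max_age_days:
        findings.append(f"stale: backup is {age_days:.0f} days old (limit {max_age_days})")
    restored = build_manifest(restored_root)
    for rel, digest in manifest.items():
        if rel not in restored:
            findings.append(f"missing: {rel}")
        elif restored[rel] != digest:
            findings.append(f"modified: {rel}")
    for rel in sorted(restored.keys() - manifest.keys()):
        findings.append(f"unexpected: {rel}")
    return findings

def demo():
    """Constructed sample: back up two files, then test a bad, six-month-old restore."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        for name, data in (("ledger.csv", b"id,amount\n1,100\n"), ("notes.txt", b"q3 plan\n")):
            Path(src, name).write_bytes(data)
        manifest, created = build_manifest(src), 1_000_000_000
        # Simulated restore: one file altered, one absent, one extra file present.
        Path(dst, "ledger.csv").write_bytes(b"\x00unreadable\x00")
        Path(dst, "README_DECRYPT.txt").write_bytes(b"constructed sample file\n")
        return verify_restore(manifest, created, dst, now=created + 180 * 86400)

if __name__ == "__main__":
    print("\n".join(demo()))
```

Keep the manifest with the off-site copy rather than on the machine being backed up, so an infected host cannot rewrite it.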

Getting infected can be catastrophic for businesses, but we’re here to mitigate the risks and get you up and running again as soon as possible in the case of infection. We’d be happy to have a chat about your current environment and how we could help – just drop us a line.
