Get Aligned!

The recent spread of WannaCry and NotPetya are rewriting the rules of ransomware, and it’s turning into something far more sinister. If these last couple of strains are an indication of things to come, we’ll be longing for the old days where ransomware had customer service helplines to help you set up your bitcoin payments and you could plead for amnesty over the phone. This new trend indicates a much darker shift, and seems to violate the very honour code that made ransomware so successful in the first place – if you pay, you get your files back. While being infected was a major inconvenience and security experts advised against ever paying the ransom, it was, at its core, a simple transaction, and one that only worked because the trust was in place. With the latest two iterations, that trust has been violated – either payments were unable to be made, leaving victims unable to ever recover their files, or the payment was made, but the decryption key never arrived, leaving users out of pocket with nothing to show for it.

This begs the question, if ransomware isn’t being used to make money, then why bother? Chaos, for chaos’ sake. Who exactly is behind the most recent attack is still unknown, however it’s becoming increasingly clear that the motive was much more anarchistic than was previously thought. What does this mean for attacks in the future? First, if a ransom is not truly expected to be paid, then “ransomware” is probably the wrong terminology for this, so expect another catchy name to distinguish these attacks from others (or maybe we’ll just revert back to the good ol’ “malware” phrasing). Second, the goal will be most likely be widespread system failure, so viruses that can spread quickly from machine to machine within a network will be favoured (as NotPetya does by harvesting admin credentials). Companies will begin to see more strategic targets rather than the previous numbers game which was played by the old ransomware. Finally, the new version will adapt and become smarter. What used to be rudimentary but effective will now become much more insidious and clever as it adapts to safeguards put in place. The future of ransomware is unclear, but what is clear is that now more than ever adequate security checks, employee training, and appropriate software is put in place to protect your environment.

So what can you do to keep your environment safe? Best practice is that for a reason, so abide by it whenever possible. The below are some basic starting points for helping to secure your environment:

  • Limit the administrator access on your environment; no one should be working from administrator-enabled accounts for their day-to-day tasks. They should only be used for administrative tasks, and access should be granted sparingly; access should be revoked whenever there is not a clear-cut need for it.
  • Lock it down. Any ports not in use should have outside access blocked, and your computers should only have the required software on them. The more programmes you have installed, the greater the possibility for a vulnerability or hacked update file.
  • Update, update, update. Install patches as soon as possible. Once the patch is made public, that means the vulnerability is public as well, so the clock is ticking for someone to find a way to exploit it.
  • Backup, backup, backup. Losing your files can be devastating for a company. Review your backup procedures and make sure you have something viable to roll back to if something does happen to your files. Having a backup doesn’t help anything if it’s six months’ old. Also, make sure you have a regular backup testing regime and ensure you have off-site, air-gapped backups.
  • Educate your users. Make sure they know how to keep themselves safe, and make sure you have software (antivirus, Cisco Umbrella, etc.) that will support them. Accidents do happen, but the more layers of protection you have, the better.

Getting infected can be catastrophic for businesses, but we’re here to mitigate the risks and get you up and running again as soon as possible in the case of infection. We’d be happy to have a chat about your current environment and how we could help – just drop us a line.

Back to List

Related Stories

Windows 7, Server 2008 and 2008 R2 security updates end January 2020

Windows 7, Server 2008 and 2008 R2 security update…

On January 14, 2020, support for Windows 7, Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Failur…

Read Post

Protecting Your Property

Protecting Your Property

The physical protection of your building and IT Systems is just as important as online protection. With the use of information technology an…

Read Post

Understanding The Digital Workplace

Understanding The Digital Workplace

The digital workplace is the virtual, modern version of the traditional workplace. It quickly and securely provides personalised, role-based…

Read Post

5 Things to Know About Wi-Fi 6 and 5G

5 Things to Know About Wi-Fi 6 and 5G

The sixth generation of Wi-Fi, Wi-Fi 6, also known as 802.11ax, provides more speed, lower latency, and increased device density. The fifth …

Read Post

The New Technology Buyer

The New Technology Buyer

It is predicted that 80% of new technology spend will sit with business buyers by 2020. This is a change which has come about primarily due …

Read Post

Security on the move

Security on the move

The ability to stay secure and productive anywhere, on any device is of great and growing importance to all businesses.

We look at the fi…

Read Post

Business Benefits of Microsoft Azure

Business Benefits of Microsoft Azure

Connecting Clouds: The growing pains of cloud adoption continue as organisations realise that a single solution of either Private Cloud, Dat…

Read Post

Understand & improve your security posture

Understand & improve your security posture

Gain deeper visibility into and take control of your security.

Assessing your security posture is an ongoing challenge. Increasingly soph…

Read Post

Artificial Intelligence

Artificial Intelligence

Artificial Intelligence (AI) and Machine Learning (ML) are fast becoming important pillars of many organisations’ digital transformation s…

Read Post

IT Risk Management

IT Risk Management

With today’s pressures of compliance, cybercrime and customer demands organisations can no longer afford to have ad-hoc IT Policies and IT…

Read Post