Get Aligned!

The recent spread of WannaCry and NotPetya are rewriting the rules of ransomware, and it’s turning into something far more sinister. If these last couple of strains are an indication of things to come, we’ll be longing for the old days where ransomware had customer service helplines to help you set up your bitcoin payments and you could plead for amnesty over the phone. This new trend indicates a much darker shift, and seems to violate the very honour code that made ransomware so successful in the first place – if you pay, you get your files back. While being infected was a major inconvenience and security experts advised against ever paying the ransom, it was, at its core, a simple transaction, and one that only worked because the trust was in place. With the latest two iterations, that trust has been violated – either payments were unable to be made, leaving victims unable to ever recover their files, or the payment was made, but the decryption key never arrived, leaving users out of pocket with nothing to show for it.

This begs the question, if ransomware isn’t being used to make money, then why bother? Chaos, for chaos’ sake. Who exactly is behind the most recent attack is still unknown, however it’s becoming increasingly clear that the motive was much more anarchistic than was previously thought. What does this mean for attacks in the future? First, if a ransom is not truly expected to be paid, then “ransomware” is probably the wrong terminology for this, so expect another catchy name to distinguish these attacks from others (or maybe we’ll just revert back to the good ol’ “malware” phrasing). Second, the goal will be most likely be widespread system failure, so viruses that can spread quickly from machine to machine within a network will be favoured (as NotPetya does by harvesting admin credentials). Companies will begin to see more strategic targets rather than the previous numbers game which was played by the old ransomware. Finally, the new version will adapt and become smarter. What used to be rudimentary but effective will now become much more insidious and clever as it adapts to safeguards put in place. The future of ransomware is unclear, but what is clear is that now more than ever adequate security checks, employee training, and appropriate software is put in place to protect your environment.

So what can you do to keep your environment safe? Best practice is that for a reason, so abide by it whenever possible. The below are some basic starting points for helping to secure your environment:

  • Limit the administrator access on your environment; no one should be working from administrator-enabled accounts for their day-to-day tasks. They should only be used for administrative tasks, and access should be granted sparingly; access should be revoked whenever there is not a clear-cut need for it.
  • Lock it down. Any ports not in use should have outside access blocked, and your computers should only have the required software on them. The more programmes you have installed, the greater the possibility for a vulnerability or hacked update file.
  • Update, update, update. Install patches as soon as possible. Once the patch is made public, that means the vulnerability is public as well, so the clock is ticking for someone to find a way to exploit it.
  • Backup, backup, backup. Losing your files can be devastating for a company. Review your backup procedures and make sure you have something viable to roll back to if something does happen to your files. Having a backup doesn’t help anything if it’s six months’ old. Also, make sure you have a regular backup testing regime and ensure you have off-site, air-gapped backups.
  • Educate your users. Make sure they know how to keep themselves safe, and make sure you have software (antivirus, Cisco Umbrella, etc.) that will support them. Accidents do happen, but the more layers of protection you have, the better.

Getting infected can be catastrophic for businesses, but we’re here to mitigate the risks and get you up and running again as soon as possible in the case of infection. We’d be happy to have a chat about your current environment and how we could help – just drop us a line.

Back to List

Related Stories

Security on the move

Security on the move

The ability to stay secure and productive anywhere, on any device is of great and growing importance to all businesses.

We look at the fi…

Read Post

Business Benefits of Microsoft Azure

Business Benefits of Microsoft Azure

Connecting Clouds: The growing pains of cloud adoption continue as organisations realise that a single solution of either Private Cloud, Dat…

Read Post

Understand & improve your security posture

Understand & improve your security posture

Gain deeper visibility into and take control of your security.

Assessing your security posture is an ongoing challenge. Increasingly soph…

Read Post

Artificial Intelligence

Artificial Intelligence

Artificial Intelligence (AI) and Machine Learning (ML) are fast becoming important pillars of many organisations’ digital transformation s…

Read Post

IT Risk Management

IT Risk Management

With today’s pressures of compliance, cybercrime and customer demands organisations can no longer afford to have ad-hoc IT Policies and IT…

Read Post

Team Talk

Team Talk

Whether you use Office 365 or not; Microsoft Teams is free. That’s right, free. As in £0. Microsoft Teams is a hub for teamwork. Keep all…

Read Post

Office 365 Powers Ahead

Office 365 Powers Ahead

Microsoft release a quarterly report each month and within the latest quarter (April, Q3 2019) of the Earnings Call section it’s more good…

Read Post

Protecting Your .UK Presence

Protecting Your .UK Presence

The clock is ticking on who can register a .UK domain in your name.

Nominet, the governing body of UK domain names, released shorter .UK …

Read Post

Checklist to Digital Transformation

Checklist to Digital Transformation

Digital Transformation is the novel use of digital technology to solve traditional problems.

It’s about finding new ways to deliver valu…

Read Post

AWS, Azure & Google: A Public Cloud Comparison Report

AWS, Azure & Google: A Public Cloud Comparison Rep…

The three leading cloud computing vendors, AWS, Microsoft Azure and Google Cloud, each have their own strengths and weaknesses that make the…

Read Post