What is WannaCry?
WannaCry is a vicious, far reaching virus also known as ransomware affecting more than 125,000 organizations across 150 countries. It also goes by the name WCry, or WanaCrypt0r. It affects Windows machines through an exploit known as EternalBlue. Microsoft had released a patch, but many organizations have not updated their security.
How does the virus work?
Like most ransomware, the virus locks the victim’s computer, encrypting all their data. The attackers then send a ransom demand for about $300 in Bitcoin. They also up the price and threaten to delete files the longer the ransom is not paid. Hackers infect computers by tricking end users into clicking on malicious links in emails or attachments. They will also even create websites that look similar to safe sites. Once you click on the link, however, the virus downloads to your system.
Aren’t the hackers targeting large entities like whole health systems? Do small and mid-sized businesses really have to worry about this?
WannaCry has attacked organizations of all sizes across the globe. Ransomware attacks against small and midsized businesses have been increasing overall the last few years.
- In 2016, ransomware attacks were up 43% from the year before.
- 48% of small businesses report critical data loss as a result of an infection from ransomware
- Hackers target small and mid-sized businesses because those organizations often lack the staff and cyber security protections of their larger counterparts.
How can I keep my network safe from WannaCry?
One of the biggest recommendations from the Department of Homeland security is to implement a data backup and recovery plan for all critical information. If possible, store this data on a separate device offline or in the cloud. It is vital that you also test the back up on a regular basis.
- Ensure your operating systems and applications have the most recent security patches, with the latest updates. Hackers often target outdated systems.
- Ensure your company’s anti-virus software, firewalls, and email filters are maintained and current.
- Be vigilant and alert when opening attachments and clicking on links in emails. Ensure the sender really is who it claims to be, even if that means you have to call them up.
- Instead of clicking on links in the email, type the website address into your email browser
- Do not provide personal or financial information about yourself or your business until you are sure the request is really coming from a legitimate individual with a legitimate organization.
- Pay close attention to the URL for a website. Often malicious websites are only off by a single letter in the address.
- Perform penetration tests on your network at least once a year. This will help expose holes where hackers can get into your network.
- Train and retrain employees on cyber security, focusing especially on social engineering attempts and phishing.
What should I do if my network has been infected with WannaCry?
The Department of Homeland Security does NOT recommend you pay the ransom. That decision is up to you as a business.
What you absolutely should do right away is:
- Isolate the infected computer or remove infected systems from the network to avoid the attack spreading to share drives.
- Isolate or turn off any devices that have not been completely corrupted – which may prevent worsening conditions
- Contact a local field office of the FBI to report the attack.
So, Should I be Worried about WannaCry, the Latest Cyber Attack?
The Network Team can help beef up your network security so you don't have to fear WannaCry.
- TNT president Jeff Gaura can perform cyber security training onsite for your employees.
- Our highly trained engineers can help craft, implement and test a Back Up and Business Continuity Plan.
- We offer penetration tests and many more security solutions.
Fill out the form at the right, and someone will be in touch to schedule a meeting with us to discuss how to shore up your defenses, and keep your business safe from this massive cyber attack.