On May 12th, hospitals, companies, universities and governments across at least 150 countries were hounded by a cyberattack that locked computers and demanded ransom. It used a susceptibility in Windows that allowed it to infect target computers without any action taken on them.
Over the May 12th weekend, Europol officials said that some 2,30,000 computers had been hit by the malware. Chinese state media reported that 40,000 businesses and institutions have been affected, and Britain’s health care providers (NHS) had to turn patients away for the weekend while they recovered from the malware attack.
What is ransomware?
It is a malicious software which holds a computer hostage (by encrypting all its data) and offers a decryption key in return for a ransom, which is paid in bitcoins to keep the identity of the cyber attacker hidden.
For the recent ransomware attack the ransom demanded ranged anywhere from $300 – $1000 per machine.
How is ransomware delivered?
Most ransomware is delivered to computers through phishing emails, which are fake emails that contain the infected attachment or link. An unaware or careless user who opens and acts on the email launches the ransomware attack.
There are two types of ransomware:
- Encryptors – which use advanced algorithms to block system files and ask the victim for a ransom to decrypt them. These types are most widespread and pose the greatest, most worrisome cyber threat currently.
- Lockers – which locks the victim out of their operating system making it impossible to access the desktop or any files on it.
In both cases the virus encrypts and locks the computer and prevents the user from accessing it unless a ransom is paid. The initial payment amount increases if it isn’t paid within a stipulated period, along with a warning that all data will be destroyed for non-payment after that.
Doesn’t antivirus detect it?
Many would think your antivirus software will protect you, but if you do not have a genuine, paid antivirus or if you downloaded your version for free, it is useless to combat malware. Common antivirus software is often not sophisticated enough to protect from the latest forms of malware.
Even a valid, paid antivirus software cannot catch all viruses and ransomware uses several evasion tactics that allows it to:
- Go undetected by antivirus products
- Bypass cyber security researchers
- Stay hidden from law enforcement agencies
Awareness and prevention is the best security strategy when it comes to ransomware.
It is easy to attack home users because most of them don’t have backups and will pay to get their important data (pictures, important documents, etc.) back. Users are not aware of and are not protected by cyber security solutions and they rely solely on antivirus software, which doesn’t protect them from ransomware.
Businesses are good targets because the malware can affect multiple machines which are on the same network, causing a domino effect and major disruptions. Many businesses don’t maintain good security protocols and won’t report the attack for fear of brand damage and bad PR. Importantly, businesses are better targets to demand money from.
Backup your data
It is a good idea to have at least two backups of your critical data so that in the event of an attack you have the means to restore your information without paying a ransom.
Backups can be done on external drives (which are not connected to the internet), USB drives, and if you use cloud storage, you can save a backup there. When using the cloud, make sure your files are not always set to auto sync, because that runs the risk of transferring infected files.
Update your PC
The current attack was on systems running old Windows operating systems, like Windows XP. Make sure you invest in updating your system and install all the updates regularly.
Install the official Windows patch (MS17-010) https://technet.microsoft.com/en-us/library/security/ms17-010.aspx, which closes the SMB Server vulnerability used in this ransomware attack.
Use cloud-based SaaS digital workplace solutions
Cloud-based solutions are externally hosted applications, where the vendor handles everything related to storing, backing up and securing your information. Cloud solutions and SaaS providers invest heavily in security solutions and are up to date on latest security threats, protective tactics and best practices. They have the means to keep your data safe from hackers and cyber criminals.
Also, businesses are moving towards business communication, collaboration, and productivity tools. Many are doing so to innovate and modernize the way they work, support mobility, improve productivity and efficiency, and keep up in a digital world. However, these tools and applications also have important security benefits as well.
- Communication, messaging, and chat apps – These apps not only seek to replace the inefficiencies of email, but also keep all of your communication in one secure place. These apps provide more efficient and real-time communication and are less prone to phishing tactics sent via email to spread malware. These apps are less exposed to external threats and less accessible to outsiders. Also, as another form of security, they keep your ideas and knowledge in one go-to place for your business and employees. Apps such as Slack, Connect by eWorkplace Apps, HipChat, Microsoft Teams, and Workplace by Facebook serve this purpose.
- Intranet – Intranets on the cloud keep all of your documents and content in one secure place. Also, being on the cloud, SaaS-based intranets are generally safe and secure and are regularly updated by the product vendor. Thus, these intranet products are equipped with the latest security updates with little to no maintenance required on your end and keep all your documents and information in one central, secure place.
These are just a couple of important tools that more and more businesses are moving towards, and in the event of a malware attack, these businesses can sail through more easily since their business and communications are not impacted.
How Connect Can Protect You from Ransomware
Connect by eWorkplace Apps keeps all of your communication in one secure place. It is a business messaging and file sharing app that is less susceptible to external threats. Email is an ineffective tool that is slow, bulky, and bad for collaboration and productivity. Also, it is prone to external threats, such as phishing, which is a common way of getting malware and viruses. Connect, on the other hand, is a secure messaging app that provides real-time communication, an employee directory and public and private chat rooms for seamless team and cross-team collaboration, and a Today and Tasks feature to keep track of important items and tasks. In addition to being an internal tool that keeps your communication secure, it also protects your knowledge assets by keeping your ideas and knowledge sharing that are part of the internal communications all in one app, rather than being spread across various emails, shared drives, people’s computers, and personal chat apps.
Finally, Connect employs enterprise-grade security features such as:
- Modular and secured app service management
- Password encryption at rest
- Sign-on through Identity Providers
- Secured data access and data loss prevention
- Data encryption in transit
- Data backups in secured vaults
You can learn more about Connect’s security features and try Connect for free at:
To conclude, cyber-attacks are on the rise, hackers are using more sophisticated techniques to cause disruptions in our day-to-day lives, and they are not going away anytime soon. So, be prepared, be vigilant, and use the prevention methods discussed in this article to keep your business and work as threat free and as productive as possible.