The malware is delivered as a Trojan through a loaded hyperlink that can be accidentally opened by a victim through an email, advert on a web page or a Dropbox link. Once it has been activated, the program spreads through the computer and locks all the files with the same encryption used for instant messages. Once the files have been encrypted it deletes the originals and delivers a ransom note in the form of a readme file. It also changes the victim’s wallpaper to a message demanding payment to return the files.
Cybersecurity is the topic of the moment in light of the weekend’s cyber-attack which seriously affected the NHS. In England, 47 NHS trusts reported problems at hospitals and 13 NHS organisations in Scotland were affected by the ransomware known as WannaCry or Wanna Decryptor, placing the highly confidential medical information of numerous patients at risk. The ransomware locks patient files which can only be accessed by paying a $300 (approximately €273) in bitcoins.
Who does it affect?
The NHS was not the only organisation attacked – it has gone global and spread to Renault, FedEx and even the Russian Interior Ministry. Due to the nature of information held by the NHS, it is arguably the most important and most worrying attack. Medical information can be worth ten times more than financial information on the deep web. Fraudsters can use this data to create fake IDs to buy medical equipment or drugs, or combine a patient number with a false provider number and file fictional claims with insurers. As a new working week begins, further disruption is to be expected and not only for the NHS but for any companies holding valuable or personal data on clients, employees or otherwise, so it is important to learn from mistakes and protect yourself and your company from a similar cyber attack.
How Can I Protect Myself?
Unfortunately, unless you go offline there is no guaranteed way to prevent such attacks however best practice and subsequent controls as outlined in established security frameworks like ISO 27001 and Cyber Essentials can greatly diminish the chances of occurrence. The recent cyber attack took advantage of a security vulnerability in unpatched Microsoft Operating Systems and the exposed and outdated Windows XP systems which meant that they were insufficiently protected against newer malware such as WannaCry. It is important therefore to regularly update systems and installs patches between full software releases and these systems should be securely configured with strong passwords. Core files need to be frequently backed up as you cannot be held to ransom for data you hold elsewhere. Along with secure technical controls, staff should be aware of such cybersecurity risks and how to proceed quickly upon the realisation that something is wrong.
All organisations should learn from this attack and act now to improve their cybersecurity standards. A cyber attack like this can inflict a massive reputational and financial blow to a company so an investment such as Cyber Essentials* and ISO 27001 is more worthwhile than ever. We offer both services here at Certification Europe, for companies of all sizes. Contact our team today to find out more about management systems like ISO 27001 and Cyber Essentials that allow your organisation to significantly reduce the chances of having a data breach.