On May 12, 2017, the WannaCry malware struck thousands of businesses and organizations all over the world, infecting a total of 230,000 computers across 150 countries. By using an exploit developed by the National Security Agency and later stolen by hackers, the quick spread of the ransomware was unprecedented, making it one of the largest cybersecurity disasters of recent years. Victims included the British National Health Service, Germany’s Deutsche Bahn, and Spain’s Telefónica, among countless other organizations large and small.
What Is Ransomware?
Ransomware presents a rapidly growing form of cyberattack that involves criminals using malicious software to extort money out of their victims. A typical ransomware attack starts with downloading a malicious program, typically delivered in the form of an email attachment or a download from an infected website. Once the program is executed, it will quickly encrypt the files on your computer before presenting you with a warning that you’ll need to pay to regain access to your data. Most ransomware, including WannaCry, give you a payment deadline beyond which your files stay encrypted forever. Payments are to be sent over the Dark Web in bitcoin, the favorite, untraceable currency of cybercriminals.
What Makes WannaCry Special?
These days, ransomware is most often delivered as a service to would-be cybercriminals trawling the Dark Web for opportunities. Ransomware-as-a-service presents a disturbing trend in the digital underworld, whereby large groups of cybercriminals get together to distribute the ransomware and take a cut of the ransoms paid. Many RaaS developers pride themselves on making ransomware that works (i.e., it does decrypt victim’s files if they pay).
While no one should ever pay any ransom anyway, the odds of getting your data back with WannaCry are minimal, according to cybersecurity researchers. Due to the malware’s shoddy code and the fact that it has no built-in feature to determine who has paid and who hasn’t, those who pay are still very unlikely to regain access to their files.
How to Avoid Ransomware Attacks
WannaCry isn’t the first wide-scale ransomware attack, and it certainly won’t be the last. Microsoft described it as a wake-up call for companies using outdated, and thus vulnerable, systems, and they’re not wrong. The fact that businesses, rather than consumers, account for the overwhelming majority of the victims, illustrates that they’re often inadequately prepared for such security breaches. By contrast, home users typically have their operating systems (in this case Windows) automatically updated, thus patching many of the security vulnerabilities that continue to face business infrastructures.
Many cash-strapped private businesses and public organizations alike maintain computing systems that are woefully outdated. The NHS, for example, still runs Windows XP on many of its machines, which hasn’t even been supported by Microsoft since 2014. However, it’s not just systems running deprecated operating systems that are at risk. For operating systems that are still supported by Microsoft, such as Windows 7 and later, the tech giant regularly releases security patches as soon as new vulnerabilities are discovered. However, businesses often fail to install the latest patches and service packs, thus leaving their systems vulnerable.
While keeping your systems up-to-date is imperative for ensuring optimal security, it’s important to remember that no system is 100% secure. As such, there is no substitute for staff training. Your employees need to be aware of the risks, and this involves being able to identify likely email scams, infected websites, and potentially malicious attachments and other downloads.
Even if you take every possible precaution, your business will never be completely immune to cybersecurity threats. Maintaining a secure backup of your data provides something to fall back on should the worst happen. Our disaster-recovery services ensure that your data is securely stored in the cloud where no one else can touch it. Contact our data-recovery experts today to learn more about how we can help prepare your business for attacks like WannaCry.