Mal War 1
A global ransomware attacked 100 countries affecting the NHS, schools, governments and businesses.
The malware attack took down systems in the UK, United States, Russia, Germany and India. In the UK, the NHS has been badly affected by the attack which infected computers using malware to demand a £230 ransom to unlock each individual machine.
According to Cyber-security firm Avast, there were 75,000 international cases of infected computers by the ransomware known as WannaCry (and derivatives of), but no group has yet claimed responsibility for the worldwide attack. However experts do believe the people responsible used tools stolen from the National Security Agency (NSA).
Theresa May said the attack was part of a wider assault and not just targeted at the NHS and a Cobra meeting has been chaired to deal with the aftermath. The worst hit were brands like Renault, FedEx and Portugal Telecom.
A UK online security researcher, tweeting as @MalwareTechBlog, said he’d inadvertently halted the spread of the virus, but warned it was only a temporary fix.
So as the fallout from the hack continues, how can marketers prevent and prepare for a cyber crisis?
Backup your files
The attack left hospitals in England and Scotland unable to take scheduled appointments and left both doctors and patients with questions. Amber Rudd, the Home Secretary admitted there was a chance that not all NHS files were backed up, but UK cyber security agency experts were working 24/7 to restore systems.
In order for organisations to protect themselves they should ensure they have fully tested backup solutions in place, which is also likely to prevent a PR crisis for brands faced with questions from consumers if security is compromised.
Computers which are at risk of ingesting ransomware should not hold backup files, however if the victim has a recent backup of their system, it may still take a considerable amount of time to restore.
Make sure your systems are up to date
This weekend’s attack may have been built in response to a weakness in Microsoft systems identified by the NSA. Businesses should make sure their systems are constantly updated to avoid attacks in the first place, or question if they are at risk from hackers.
Microsoft said it would roll out a fix for users of older and more vulnerable operating systems like Windows XP, which wouldn’t have automatically updated. Avast strongly recommend that all Windows users fully update their system with the latest available patches.
The UK government has been criticised by Labour, the NCSC and the NSA for apparently failing to protect and update systems, despite repeated warnings about the vulnerability of outdated NHS systems.
Communicate with staff and customers
The standard way for ransomware to be sent is in an email. So inform your staff not to open unexpected emails, click on links or download software they don’t know anything about. Most of this stuff requires the recipient to react and do something, and in the event of an attack, ensure staff are briefed quickly. Tell staff to turn off computers and disconnect from company internal VPNs as soon as possible.
The fallout from the WannaCry attack isn’t over, but an accidental fix has slowed the spread of the infection down. And because the malware is not able to connect to the registered domain the amount of infections are very low and dropping fast. However, there are warnings that the attackers could tweak the code and start Mal War II. The researcher who tweeted about slowing down the spread of the ransomware hadn’t noticed any tweaks yet, but is convinced there will be!