Wannacry Highlights Severity of Cyber Attacks
Wannacry, a ransomware program that targets a vulnerability in outdated versions of Microsoft Windows, has spread across 150 countries and infected more than 230,000 computers since it was launched on 12th May. It disrupted many NHS hospitals in England and Scotland, infecting up to an estimated 70,000 devices, including computers , MRI scanners, blood-storage refrigerators and theatre equipment.
Microsoft was aware of this cyber security gap and, as a precaution, released a Windows security update in March. However , many users had not run the update, which allowed WannaCry to spread quickly. After the initial discovery of the ransomware program, Microsoft issued a warning to the US government concerning its data-storing practices. According to Microsoft, the tool used in the WannaCry cyber attack was developed by the US National Security Agency and was stolen by hackers.
The danger that the ransomware program poses is based partially on how invasive it is. After infecting just one computer, WannaCry can spread to every device in a network within seconds. It works by locking users out of their computers before demanding money in order to regain control of their data. Initially, Wannacry requests abou £230, but, if no payment is made within three days, it then threatens to double the amount. If no payment is made within that time, the ransomware program then threatens to delete the files after seven days.
While the spread of Wannacry has appeared to slow down, many firms have hired experts to prevent new infections. Some experts recommend that you should not pay the ransome, as there is no guarantee that the hackers will return the files unharmed, if returned at all. The government’s National Cyber Security Centre recommends that you take the following precautions:
- Update your network security and keep a safe backup of your vital files.
- Run the Windows Update and turn on auto-updates, if available.
- Install and update anti-virus as well as anti-malware software on all of your organisations computers.
- Provide your employees with cyber security training. This should include best practices, such as how to recognise a cyber attack.
However, the most beneficial practice that your organisation can invest in is to purchase comprehensive cyber insurance to ensure that your organisation can sustain a cyber attack. For more information, contact Daulby read Insurance Brokers today.