06/05/17

WannaCry: What You Need to Know and Do

An international ransomware computer attack that uses a piece of malicious software, Wanna Decryptor or ‘WannaCry’, has targeted individuals, private companies and public organisations over the weekend and is already being labelled the largest cyberattack ever recorded.

Ransomware (software which locks data and frees it only when a ransom is paid) has become the single greatest online security issue in terms of number of attacks. WannaCry targets, via malicious links, Microsoft servers that have not yet installed a security patch released in March, locking users’ data until a ransom is paid.

Despite a temporary fix that has slowed the spread of the attack, there is the possibility that a second wave of the malicious software or a ‘copycat’ attack could be released. New Zealand’s location does not make companies exempt from cyberattacks, and there are reports that the virus may have affected some NZ businesses. Companies must therefore be vigilant and proactive in order to avoid being affected.

Peter Bailey, general manager of specialist cybersecurity consultancy Aura Information Security, recommends that the following measures and precautions be taken to avoid your business being affected by this global attack:

1. Back up your data
Companies should immediately back up all data to an external hard drive so that files are not lost if computers are hacked. This ensures data can be retrieved and recovered without paying a ransom. If your business is affected by the attack, it is recommended that you do not pay the ransom at all, as this may not result in files being recovered.

2. Ensure all company computers are updated 
Businesses should immediately ensure all staff computers and company servers are up to date with Microsoft’s latest updates and patches so that they are not openly vulnerable to the attack.

3. Make sure you know your vulnerabilities
If you are running legacy unsupported operating systems or software with known vulnerabilities, isolate them from the rest of your network. Make sure you add extra protection such as configuration hardening, host-based firewalls, or application whitelisting. Upgrade unsupported operating systems to the latest platforms wherever possible.

4. Educate your staff
Educate your staff on what to look out for and what to do if their workstation is infected with malware. The advice for WannaCry is that users should immediately unplug their machine from the network, and call their IT support help desk. It is likely their workstation will need to be wiped and rebuilt.

To ensure your business fosters a culture of cybersecurity awareness, and is prepared in the case of future attacks, regular training and education are key. If you don’t have a CISO to help lead the charge, there are some great online tools and employee checklists available from sites such as ConnectSmart.govt.nz and cert.govt.nz. Aura also recently launched its e-learning tool, which is designed to provide businesses with the ability to train and educate staff whilst also identifying areas for improvement.
