Since the global coordinated ransomware attack on thousands of private and public sector organisations across 150 countries on Friday 12th May, organisations are warned that further cases of ransomware may come to light in the coming days or weeks.
The way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, therefore existing infections from malware can still spread within networks.
To limit the spread and impact of the attacks, a variety of tools are now available on the National Cyber Security Centre website here
and you can follow updates on how to protect your business on Twitter @ncsc
A ransomware attack of this type and scale could recur and if so, ransomware attacks are some of the most immediately damaging forms of cyber-attack. Thankfully, there are a number of easy-to-implement defences that can considerably reduce the risk of attack and the impact of successful attacks.
Three simple steps for companies to undertake to protect their business are set out on the NSCS website
and can be summarised as follows:
1. Keep your organisation's security software patches up to data
2. Use proper anti-virus software services
3. Most importantly for ransomware, back up the data that matters to you, because you can't be held to ransom for data you hold somewhere else.
Home users and small businesses can take the following steps to protect themselves:
1. Run Windows Update
2. Make sure your AntiVirus product is up to date and run a scan – If you don’t have one install one of the free trial versions from a reputable vendor
3. If you have not done so before, this is a good time to think about backing important data up – You can’t be held to ransom if you’ve got the data somewhere else.
In the days ahead, the NCSC, the National Crime Agency and international partners in both other governments and the commercial sector, will continue their efforts to get ahead of this threat. You can keep up to date with their efforts on Twitter @ncsc
Enterprise Europe Network has been running cyber security and IP protection workshops for businesses in the East of England for a couple of years. Register your interest here
for notifications of future events.