WANNACRY NHS MALWARE ATTACK | EVERYTHING YOU NEED TO KNOW

 

As if the NHS hadn’t been under enough strain these past few years, computer services of the health system were hit by a global ransom ware attack. The attack affected tens of thousands of computers across nearly 100 countries, including systems used in UK hospitals and GP surgeries.

The malware works by blocking access to all files on a PC until a ransom is paid and appears to have used technology that was stolen from the National Security Agency in the United States. As a result,  operations had to be cancelled, ambulances were diverted and medical document such as patient records were made unavailable.

The attacks used a software called WanaCryptor 2.0 or WannaCry, which exploits a vulnerability in Windows. Microsoft had released a patch in March which resolves the issue, but computers that had not installed the security update were still vulnerable. In December it was reported that nearly all NHS trusts applied an obsolete version of Windows for which Microsoft no longer provides security updates in April 2014. It is not certain how many computer systems across the NHS are using outdated operating systems such as Windows XP, 8 and 10. However, according to data acquired by Citrix, 90% of trusts were still using Windows XP.

Malware is a frustrating but inevitable menace for companies in the digital age, so it is crucial that any serious business should know what steps they can do to protect themselves and what solutions they can utilise in the event of an attack to minimise business downtime. This post provides a handy guide to steps you can take to avoid malware attacks and what services are on offer to assist you in the event of an attack.

HOW TO AVOID MALWARE ATTACKS

Protect your vulnerabilities

Malware is frequently delivered via exploit kits, which find weaknesses in the system. This could be software without the latest update, an operating system that isn’t protected, or a browser with poor quality security protocols. Do any of these sound familiar to you? You should contact your IT Managed Service provider to ensure your system is up-to-date and protected.

Update frequently

In order to shield your systems from exploits, it is good practice to update your OS, browsers and plugins as soon as an update becomes available. The purpose of updates are often to patch any security weaknesses that have been found so that malware has nowhere to enter into your computers.

Remove unused software

Old software such as legacy apps are prime targets for malware, so if you’re not using them, it’s wise to remove them. This could be old software such as Adobe Reader or older versions of media players, or a whole operating system such as the 15 year-old Windows XP. You need to communicate such actions across your wider teams. Even in small businesses, having various disparate functions can result in your company computers having hundreds of programs and systems that you had no idea your colleagues were using.

Avoid malicious adverts

Malware is also commonly distributed through malicious adverts. You can be infected without even clicking on these adverts, and these adverts can be found on even the most popular, prestigious websites. As well as patching your software to protect your systems from exploit kits, the exploit can be stopped at the source with click-to-play plugins. Malware often runs on Flash or Java, and click-to-play plugins stop Flash or Java from running unless specifically instructed.

Be aware of social engineering tactics

Malware is often introduced into a system through nefarious means such as email, phone, and social media scams. The only way to protect from these is to be sensible and wary about your processes.

Emails

You should be able to spot a scam email by checking if its links, address and text conform to what you would expect from a proper email. Also be wary of irregular methods of communication; for example, many organisations such as the IRS will not contact you by email. During and following the recent WannaCry attack, many businesses are witnessing emails from people in their own contacts who have fell vulnerable to such attacks – be careful and avoid opening any attachments which look suspicious.

Phone

You can just as easily be scammed over the phone. Cold callers may claim to be from Microsoft or a bank asking for details. It’s always best to err on the side of caution and call the company back directly to see if the call was legitimate. One frequent scam is fake tech support companies offering to help with a malware infection. A real security company would not tell you you have an infection through pop-ups or a cold call.

Online behaviour

Most malware attacks can be avoided through some basic rules when conducting yourself over the web.

Data backup

First and foremost, back up your data. As ransomware gets more sophisticated, you should back up to external memory and disconnect until the next backup.

Safe passwords

You should be protected with a safe password that’s long and uses a mix of different kinds of characters. Passwords should be changed often and not written down anywhere. To keep track of your passwords, you might want to invest in a password manager, which will store and encrypt all of your passwords.

Secure connections

You should also utilise secure connections as much as possible. You can tell if your internet connection is secure if there is a padlock symbol to the left of your address bar. Additionally, using ‘https’ in a URL as opposed to ‘http’ denotes a secure connection.

Log out

With all of this effort to protect yourself from malware, you don’t want to compromise your security by doing something as silly as leaving yourself logged in. Even if you just close the browser tab or window, it is fairly easy to retrieve login information from session cookies.

Invest in Security Software

Though it is vital to do all you can to keep safe from malware, it would be very difficult to stay safe from any threat through vigilance alone. Firewall, antivirus, anti-exploit and anti-malware software is easily available and will provide extra layers to your security. Do you have a dedicated Managed Service provider who can advise on such software?