Call us Today +44 (0)1536 711 999

Marval logo
Blog

Ransomware: 5 Quick Steps To A Safer Organisation

By Chris Harris, Support Analyst, Marval Software

 

On Friday afternoon, it was reported that many NHS organisations, as well as other large companies, were affected by a ransomware cyber-attack. So far over 237,000 computers in more than 99 countries are reported to have been affected.

That’s not rare. Last year, 689 million people in 21 countries experienced cybercrime; 13.8 million of them were in the UK (that’s almost one in four of us!). Actually, Symantec identified 36% increase in ransomware attacks worldwide.

Ransomware is an attack that, once initialised, will covertly encrypt the data on the machine using a combination of AES and RSA ciphers, then show a screen that will demand a payment to be made in Bitcoin (an anonymous payment option) to get your data decrypted; or the data will be leaked.

In most cases, you will be advised not to pay the ransom, as there is no guarantee that the data will be decrypted, and even if it does, this does not mean that your data has not already been stolen and sold.

This is not the first time this has happened and, for cyber criminals, patient data (that health organisations have a lot of) is worth up to 10 times more than credit card information; and this can be sold on the black market within the dark web.

The “WannaCry” ransomware attack is a very fast spreading malware that exploits a vulnerability within Windows SMB and could affect any Windows machine (except Windows 10 and Server 2016) that has not been updated with the latest patches released by Microsoft. Once a machine is infected, it will also scan other machines on the network for the same vulnerability and also random hosts over the wide area network, and due to the fact it’s a worm, the infection is also self-replicating.

As the patches to fix this vulnerability have already been released by Microsoft, the best advice is to keep your systems protected is always make sure they are up to date.

 

Quick Steps to a Safer Enterprise

-          Set processes around cybersecurity and make sure they are followed religiously.

-          Automate tasks, so that no critical updates are ignored or forgotten.

-          Be proactive rather than reactive, with regular risk assessments that will help you identify and address potential liabilities. 

-          Withdraw any dated or vulnerable equipment, if required. Use documentation to support and accelerate change.

-          Promote the “cybersecurity culture” in your organisation. Security breaches are often caused by neglect or human error. Make sure that the message is spread and frequently reinforced both in your IT team and across the organisation.

I can’t stress this enough: When a malicious attack happens, time is money. Any minute spent between the attack and the identification of the breach and its resolution, adds up to the cost. Organisations need to make the most of their best assets (people, processes and technology) to minimise the short and long-term impact of the attack.

Contact Us View all Articles

Similar Articles

Endless possibilities with Marval...

Whatever your aspirations might be, we have the technology, the expertise and the people to make them happen.

We know you may have some questions...

I would like to opt in to receive marketing communications from Marval via:

  • Request a
    Demo

    Discover the benefits of implementing MSM software, designed to improve service quality, customer satisfaction and reduce costs

  • Download
    Resources

    Your central repository of interesting and useful information on IT Service Management

  • Customer
    Case Studies

    See how organisations all over the world use Marval MSM software to address their most critical IT Service Management challenges

  • Contact
    Marval

    Contact us to discuss your service improvement requirements