What is being called “the largest ransomware outbreak in history” began late last week, and we may not have seen the worst of it yet. Hospitals, banks, schools, government agencies, telecoms, railways, and countless other victims have been hit hard by this latest malware attack, which is still a very real threat. In an example of how devastating these attacks can be, dozens of infected National Health System hospitals across the United Kingdom were forced to suspend surgeries.
We have officially reached a point where the impact of cyber-attacks has crossed over from the world of the virtual into the world of the physical, and can have repercussions on actual life-or-death situations.
What makes this particular breed of ransomware, referred to as “WannaCry,” more nefarious than most attacks is that it automatically and instantly spreads to all computers on a network, resulting in runaway infections capable of reaching epidemic proportions.
Microsoft was so alarmed at the impact of this attack that it quickly released critical patches for all of its operating systems, including Windows XP, which hasn’t been supported in years. If your IT Department hasn’t already implemented the latest security patches for your company, have them head to Microsoft’s site immediately. However, as fast as defenses are constructed and kill switches are discovered, new ransomware strains are being released, frustrating the efforts of security experts worldwide.
Most ransomware attacks are delivered when a user opens an email attachment that appears to have originated from a trusted source. When the sender is not who they pretend to be, and their goal is to trick you into infecting your computer or betraying sensitive information, it is known as phishing. Once the attachment is opened, the ransomware is deployed and the outbreak begins. To remove the infection, users typically either pay the ransom (currently reported to be $300 to $600) and hope that the malware is removed, or wipe every infected system and restore from the last good backup.
A simple way of avoiding the vast majority of ransomware is to ask yourself one question when receiving a request to open a file or provide information: “Did I expect this email from this person at this time?” If you are not absolutely certain that the answer is “yes”, either delete the email or contact the sender by phone or in a separate email for confirmation.
For more information on how we can help you fight back against a potential cyber-attack, please contact a member of our Technology and Risk Advisory Consulting group at TRAC@citrincooperman.com