Important Ransomware alert -“WannaCry”
More than 230,000 computers in 150 countries (including New Zealand) have been subject to a new and aggressive strain of ransomware. The virus infiltrated outdated Microsoft Windows software taking control of user files. Hackers then demanded payment to restore access.
The attacks did not distinguish between businesses; large or small, well known or not. Therefore, in light of this event we would like to take this opportunity to pass on some pertinent risk management tips, applicable to all Crombie Lockwood clients.
Short Checklist for Ransomware Protection:
Ask your IT specialists / department to give you assurance on these five points as part of your cyber-security arrangements:
▢ Upgrade all obsolete/unsupported systems and ensure all systems have the latest security updates/patches applied
▢ Check data backups or system snapshots to ensure they are very recent and disconnected/air gapped from your network once complete
▢ Ensure email is passed through effective content filters and that all users are made aware not to blindly trust email messages
▢ Regularly review user access permissions to data and restrict them to the absolute minimum needed
▢ Implement two-factor authentication, especially to all remote access and online services
Being diligent with your IT security is as critical as having a business continuity or disaster recovery plan in place and knowing who to call if your computer network is locked by a virus.
Ransom monies being demanded to access your computer are often small; however the cost of interruption to business can be disproportionate and very damaging to a company.
Paying the ransom may seem like an option but without examining the affected computer network it’s impossible to know with any certainty if there have been more implications such as lost data or other covert viruses/malware introduced.
Hopefully your business hasn’t been infected this time, but it’s important to know what you would do if it did happen in the future. Cyber Insurance policies give you access to 24/7 help lines to report any incidents as soon as they happen – such as ransomware attacks. Once notified the insurance company will then deploy the required experts to deal with the problem and get your business back up and running as quickly and safely as possible.