Intel Blog

WannaCry? Fight back instead!
Ed Hannan's picture

The numbers are staggering. WannaCry represents the largest ransomware attack in history. Not this week. Not this month. Not even this year. But ever.

How big is it? Since May 12, more than 150 countries have been hit, infecting more than 230,000 computer systems. The hardest-hit countries were the U.K., China, Russia, Germany and Spain. WannaCry has taken down hospitals, universities, factories and government offices. Its targets include FedEx, Nissan, Hitachi, Telefonica and the U.K.’s National Health Service.

And even worse could still be coming. A just-released Data Breach Investigations Report from Verizon found a 50 percent increase in ransomware attacks over last year. Verizon also reports that many organizations are still using past-their-expiration-date security solutions.

How to Help Your Clients

For solution providers, the obvious question in the wake of this massive ransomware attack is: What can you do now to help your clients protect themselves against, or recover from, WannaCry?

Glad you asked! Here are 8 tips and suggestions to share with your clients today:

1. Update your operating systems. If you’re running older systems such as Windows XP or Windows Server 2003, it’s time to update. Those OSes are especially vulnerable to attack.

Think nobody’s still using those older OSes? Think again. For example, until quite recently, the U.S. Navy was paying Microsoft some $9 million a year for ongoing Windows XP support. Navy officials have since chosen to end their reliance on outdated software and move to Windows 10. But trouble still lingers at the state and local government level, as those entities continue to use outdated systems. Your clients may be among the offenders.

2. Back up your files. It’s impossible to overstate the importance of regular backups. So I’ll say it again: Back up all your files on a regular (ideally daily) basis.

3. Patch it up! When a trusted software supplier notifies you of a security update, install it. Do not let this slip. Stay updated.

4. Think before you click. Most ransomware attacks start with an email message that instructs the recipient to click on a link or open an attachment. Don’t do it! Follow those instructions, and you’re literally opening yourself up to an infected attachment. IBM estimates that 40 percent of all spam emails sent in last year contained ransomware. So if you receive an unexpected email message, don’t open it.

5. Disable macros. Document macros are a common mechanism for delivering ransomware. To be safer, disable all macros for email and documents immediately.

6. Isolate problems. Some systems are vulnerable, even if they haven’t been hit with malware. These vulnerable systems are often the ones we rely on most. One fix, albeit temporary, is to limit network connectivity. To do this, identify which services you can turn off, especially vulnerable services like network file sharing.

7. Bundle up. A multi-layered approach is a wise one. Next-generation firewalls and antivirus protection should be part of any overall protection platform. You should also consider next-gen endpoint solutions that incorporate behavioral analysis and machine learning to deal with ransomware attacks.

8. Pay the penalty. If all else fails, you’ll have to pay the ransom to access your data. It’s a worst-case scenario, for sure. But make sure you have the necessary funds readily available. After all, it’s usually cheaper to pay the ransom than to lose your data.

 

Also see:

Clients lax on cybersecurity? New Verizon report could help

Dell survey gives solution providers a new security blanket

Why your SMB clients aren’t worrying enough about cybersecurity

 

Add new comment