Ransomware – WannaCrypt, why so successful?
On Friday (12th May) as many of you are aware, one of the highest profile ransomware outbreaks ever recorded occurred worldwide. The attack caused chaos within the NHS in the UK and also impacted hundreds of thousands of other organisations and businesses worldwide.
The attack targeted a vulnerability in Microsoft’s operating system, and was able to spread and infect additional machines due to poor maintenance, lax security and a lack of end user education.
How did it start?
Microsoft have identified the likely payload was delivered via a phishing email with an infected attachment – https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/?utm_source=t.co&utm_medium=referral
A user had inadvertently opened an infected attachment on an email and unfortunately, this had spread across a network.
Why did it spread?
Why did WannaCrypt spread so quickly? Poor update management and end user education were the main issues. The vulnerability that the infection targeted was patched on March 14th – https://technet.microsoft.com/en-us/library/security/ms17-010.aspx. It seems many PC’s, laptops and servers were missing the patch, which has enabled the infections to spread around an organisation more easily.
End user education is also a critical part of protecting a business from attack. Users need to understand that they also have a responsibility for email management and security. Opening emails and attachments without any regard for security is no longer acceptable. Email and gateway scanners can only do so much to prevent an issue, so regular education for staff is key.
How HWT can help?
Patch management, system maintenance and full IT support services are critical to keep your business safe. Your data and systems are critical for your business to perform and you should take steps to check your provider is performing these tasks on a regular basis.
If you are having issues with your existing provider or are not confident that they are providing the right levels of service then please contact us. Our IT support includes a fully managed update and patch management solution.
To find out more, please call us on 0845 504 8989, or complete our contact form.