The spread of the WannaCry ransomware has slowed since this weekend, but the catastrophic effects it left behind remain, and should serve as a cautionary tale to businesses that nothing can be left to chance when it comes to software patches and updates, and IT support is a must.
What is ransomware?
Ransomware is a type of malware that infects devices and encrypts common file formats (like Word and PowerPoint documents) to prevent users from accessing their data unless they pay, usually by Bitcoin, for it to be released. However, payment doesn’t guarantee access – in fact, many victims end up forking over cash without seeing their lost files ever again.
What is the damage?
WannaCry has infected Windows machines in 150 countries around the world, with the NHS being one of the worst visibly affected. The result is a direct compromise to patient safety, where many UK citizens have had appointments and critical treatments cancelled and delayed.
Why did it happen?
The software vulnerability exploited by the attack was first discovered on March 14, and soon after Microsoft released a security patch to fix it. Anyone who would have updated their machines would have been safe from WannaCry. However, as we now know, many failed to do so, while others were left exposed because they were running unsupported operating systems like Windows XP – used by 5% of the NHS’s computers and 7% of computers worldwide, according to NetMarketShare.
However, it’s a mistake to assume only users of obsolete technology were affected by WannaCry – even modern versions of Windows and Windows Server were at risk before the patch, and many unpatched devices may still be.
The lesson: Patch management is a necessity
“This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it’s something every top executive should support.” Brad smith, President and Chief Legal Officer at Microsoft
The WannaCry attack should drive home the message that patch management is a fundamental aspect of IT security. In fact, it is one of five key control measures describes in the government Cyber Essentials Scheme – but many organisations fail to take it as seriously as they ought to.
If you work with an IT support company, this is probably a good time to check that they are keeping your software up to date and patched against the latest security threats – as well as offer other protections for your data like secure cloud storage.
A continuous managed backup service is vital to ensuring that your data is always safe in the wake of any type of cyber-attack. You’ll have full peace of mind that your data will remain accessible whatever happens to your devices.
Not sure how to choose an IT support company that will go to great lengths to protect your business against current and potential threats? Download our guide below to help you.