This weekend’s major malware outbreak is a good reminder that cybersecurity risk is a business risk, and all businesses should be regularly reviewing their cybersecurity preparedness.

Malware Outbreak – Makes You WannaCry

On Friday, a virus called “Wannacry”, which is in the category of ransomware, was released onto the Internet. It had far-reaching effects on businesses and healthcare providers primarily in Europe and Asia. Ransomware is a category of virus which encrypts files on your computer, effectively taking them hostage until you either restore them from backup or pay a ransom and hope to get the files unencrypted again. This virus spreads itself first by a user clicking a malicious link in an email, and then from computer to computer via a flaw in Microsoft Windows. Microsoft released a patch for this flaw in March of this year. Having this patch in place is important, but will not prevent a user from clicking on a malicious link and infecting/encrypting their computer and network files. Here is a useful graphical depiction from the Wall Street Journal about how this virus works:

how ransomware works

Important Reminders:

  • Chortek clients subscribed to our Managed Network Service have systems in place which automatically apply security updates on a monthly basis, and therefore have had the Microsoft patch applied to their systems.
  • Chortek clients who maintain a current Sonicwall firewall with gateway scanning services are protected from this virus, according to Sonicwall.
  • The Wannacry ransomware is only the latest in many examples of the same type of threat – a malicious link in an email which sets off potential loss of data on your network.
  • Having the March 2017 Microsoft patches in place does not make your computer immune to this virus, it only helps slow its spread on your network.
  • It only takes one user clicking on a malware link in an email to take large swaths of network files hostage, incapacitating a business network.

What To Do:

  • Let users know to be extra vigilant at all times about emails containing links:
    • Have users call the sender via phone to confirm an email containing a link or attachment is safe.
    • Train users via tools like KnowBe4 to recognize and eliminate malicious emails.
    • Use a good email filtering solution like Appriver to block more malicious emails from getting to users.
  • Conduct annual review of your overall cybersecurity risk and preparedness using Chortek’s Cybersecurity Assessment.
  • Implement a business-class data backup solution such as Datto.
  • Consider implementing elevated security measures such as multi-factor network. authentication (key fobs) and advanced endpoint security software.
  • Regularly conduct training for your employees on cybersecurity awareness and safety.

Chortek can assist you with many aspects of cybersecurity including all the brands of products mentioned above.  We can help you through all the steps of establishing a cybersecurity improvement program and continually improving the cybersecurity measures you use to keep your business safe.  Email or give Michael Senkbeil a call with any questions, ph: 262-522-8248.

Visit Mike’s blog on Ransomware on Chortek’s website, www.chortek.com

Written by Michael Senkbeil, MCSE, GCFA, CISSP, CISA | Partner
Posted in Technology Consulting