On Friday 12 May, a new wave of ransomware known as “WannaCry” was identified. Whilst the ransomware has infected tens of thousands of computers worldwide, fortunately there have been limited counts reports of infections in Australia. This ransomware propagates by exploiting a Microsoft Windows vulnerability in unpatched computers.
The internet security products that CyberGuru recommend detect and block these ransomware threats. In addition, you can check you are protected against this threat through tools on the respective manufacturer’s product website.
We suggest the following tips to protect yourself against WannaCry ransomware and other security threats:
- Have a reputable internet security product installed and configured correctly
We recommend you have a reputable internet security product installed and configured, scanning your computer for viruses both scheduled and as you access the various files on your local computer system as well as, network and internet. We prefer products that provide regular updates to new threats as well having the ability to detect unknown threats. In addition, such products should be installed on your mobile devices.
- Have regular backups in place
Having an automated backup solution in place that back ups on a daily or weekly basis on alternative media is now an essential part of any business. One set of media should remain available onsite but you should also keep a backup in an alternative location (preferably offsite) should any issues arise in your premises. Online backup systems are useful if you have a fast and reliable internet connection. Ensure you test these on a regular basis to ensure they are working.
- Update your computer’s operating system and applications with the latest patches
Microsoft Windows, Office and many third-party software (such as Adobe Reader, Java Runtime Environment, Firefox and Chrome), have updates issued by the software manufacturers on a regular basis. It is important to ensure you have these applied as soon as possible. If possible, schedule the automatic updates to occur as they are re, a schedule to ensure these updates are manually installed at least bi-monthly (if not monthly).
- Use caution when downloading and opening emails, files or website links from unknown or unexpected sources The most common form of receiving a virus or ransomware is now likely to be via email. These often contain attachments or website links requesting you to open these to receive. If you are not expecting to receive an email from an organisation or individual, call the sender before opening the file to confirm it is genuine. It is often best just to send the email to “junk” and “block” the sender.
- Educate your staff, colleagues and family on security threats As a growing number of people are online for business and personal use, it is important to be vigilant and aware of online security threats. Conduct security awareness sessions with your staff and colleagues, and speak to your family members about safe use of their equipment and make sure they too follow the steps listed above. There is no replacement for being aware and understanding the risks of security.
We trust that these tips may be of use. Please share this article with your colleagues, family and friends to protect them from such security threats also. If you have any questions, please feel free to contact us.