News on Friday 12th May that NHS England had suffered a major ransomware cyber attack has since been extended to a wider victim base. We now know that the attack has affected around 150 countries, with major hits on the UK and Russia. It is estimated to have affected over 200,000 users to date. In the UK 48 NHS trusts have reported problems at hospitals, GP surgeries and pharmacies, along with 13 NHS bodies in Scotland – and no doubt the early part of this week will result in more problems as staff come into work and switch their PCs back on.
The hack which targeted Windows machines was miraculously stopped in its tracks from spreading by a young security expert (under name @MalwareTechBlog) who accidentally hit the kill switch on the malware by registering the hard code as a domain name which had been seeded by its creator
SAFEGUARDS:
There are some urgent checks that all companies and organisations should be making in the next 24 hours:
- Ensure you are up to date on patching your environment– a lot of organisations were caught out because they didn’t (and Microsoft released a patch for the vulnerability exploited by WannaCry in March 2017).
- Check your Anti Virus is up to date (and preferably use a cloud based service ie Webroot)
- Ensure you back up all your essential data in line with your businesses Recovery Time Objective (RTO) and Recovery Point Objective (RPO), so you can’t be held to ransom and fearful of operational losses.
- Communicate with your staff to alert them to avoid clicking on any suspicious emails and making sure that your operating system software is up to date (it was a rare move for Microsoft to release security updates for unsupported software such as XP as a direct result of this event)
Companies that want advice on data security, can contact Amicus ITS in confidence on 02380 429429.