As you probably heard, a massive ransomware attacked swept through networks around the world on Friday. It appears to have started in the healthcare industry, thus underlying the vulnerabilities within the entire industry. While the ways to defend or prevent this attack are nothing new, here are the three things you should do right now.
- Update All Patches: Wannacry exploits a vulnerability in the Windows OS. Microsoft has released a patch to correct this vulnerability, including for Windows versions it technically no longer supports. Be sure ALL patches, especially Windows patches, are up to date on all workstations and mobile devices.
- Re-Train Staff On E-mail Best Practices: Wannacry is initially delivered through an e-mail attachment or link. You should remind all staff immediately to be aware of ALL links and attachments they receive, especially in the next few days. Everything about an e-mail with a link or an attachment should be scrutinized before opening a link or downloading an attachment. If anything seems suspicious or out of place, contact the sender to confirm its authenticity or contact your IT manager for further instructions.
- Validate Backups: If patching and training are ineffective, your last line of defense against WannaCry is having up to date backups that are segmented from the rest of your network and are conducted with a high degree of frequency. You should also have recently tested your backup to ensure you can restore your systems if necessary.
Despite what you might have heard in various news reports, we expect this ransomware attack to continue to spread for the next several days or weeks. You should take these three steps immediately to prevent your organization from falling victim to this attack. We will send additional updates as new information warrants. Let us know if you have any questions.