THE BLOG

How To Protect Your Company From The Next Ransomware Attack

05/18/2017 10:35 EDT | Updated 05/18/2017 10:35 EDT
Zephyr18 via Getty Images
Hard disk file locked with monitor show ransomware cyber attack internet security breaches. Malware lock file concept for security article i.e. WannaCry or WannaCrypt attack all over the world

The worst cyber security threats are malicious, persistent and wormlike in their ability to spread havoc. One such threat was unleashed on the world last week, which has come to be known as WannaCry.

The unprecedented global cyberattack crippled IT infrastructure for more than 230,000 organizations across 150 countries, including Britain's National Health Service, Spain's Telefonica, FedEx Corp and Canada's Université de Montréal, holding computer systems hostage for ransom.

The culprit behind this attack is a new variant of ransomware called WannaCryptor, also referred to as Wcrypt or WannaCry. This crypto-ransomware works by infecting a user's files and making them inaccessible until a ransom is paid, in money or Bitcoin, with a threat that failure to pay will result in the data being destroyed.

WannaCry has been dubbed the greatest cyberextortion scheme in history, and is believed to have spread by hackers exploiting a security vulnerability in Microsoft's Windows systems called "EternalBlue," which was stolen from the U.S National Security.

WannaCry is unique in what Michael Aguilar, a business security specialist at ESET, describes as its "wormlike capabilities," which allow it to spread rapidly by itself.

In our interconnected age where we depend on technology more than ever, this unparalleled cyberattack has resulted in a worldwide wake-up call for IT users and businesses alike to make IT security a top priority.

wannacry

(Photo: Zephyr18/Getty Images)

While the damage of WannaCry seems to have been limited by a "kill-switch" discovered by British computer expert, Marcus Hutchins, security experts warn that new versions of WannaCry could still proliferate.

All of which begs the question: How can Canadian businesses protect themselves against falling victim to the next worldwide ransomware attack? Here are a few suggestions:

Don't open that weird link. Just don't.

Educate and remind employees to prevent ransomware attacks by not clicking on suspicious links or attachments on webpages, in chat messages, and in emails -- especially if the sender is unfamiliar. If the email is from a trusted sender, recommend that employees analyze the wording to make sure it's not suspicious or full of errors.

Often fake emails have incorrect spelling or strange subject matter. Ultimately, regularly advising employees to follow their intuition and avoid opening that weird link will decrease the risk of a ransomware attack.

Install anti-malware software.

Ensure that a reputable anti-malware software is installed across all of your company servers, computers, and any other piece of the IT stack. For example, the ESET network protection module was already protecting its clients and blocking ransomware attempts at the network level before WannaCry was created.

Never assume that your current antivirus software provides protection against ransomware, as it could be an outdated version that doesn't offer ransomware blocking. Dig further into the information provided about your product to see if it's listed among the features. If not, install a dedicated anti-ransomware program immediately.

Update on a regular basis.

Regularly updating your company-wide servers and Windows systems with the latest security patches is key to thwarting the threat of ransomware attacks. IT users and businesses alike should consistently patch their machines with updates from Microsoft, especially those who are using older versions of the operating system.

For Windows Vista to Windows 10, Microsoft issued this patch that protects users against the EternalBlue in March 2017, but didn't issue these patches for some of its older versions until May 12, 2017. Patching is ultimately the best remedy against ransomware attacks like WannaCry, as it targets the root of the vulnerability.

Put greater preventative measures in place.

The deep-seated dependence of worldwide businesses on interconnected technology means that greater IT security systems need to be put in place to protect their data against cyberattacks. Nowadays, it's important for companies to get security intelligence from the widest range of sources, extending their reach from their local network to the global cyberspace.

IT Security providers, including ESET, offer specialized products like ESET Threat Intelligence, which equip companies with the deeper information needed to better defend themselves against targeted attacks and ransomware threats like WannaCry in a timely manner.

Back-up constantly.

To ensure that sensitive, company confidential or any important files are safe if a company does get infected by ransomware, securely back them up to a remote, unconnected backup or storage facility on a regular basis. Periodically testing these backups to make sure your data is safe is also highly recommended. Cloud storage services like Backblaze personal backup are cost-effective and they let you store, retrieve and share data at any time while protecting your work from an attack.

Follow HuffPost Canada Blogs on Facebook