Unless you’ve been living under a rock for the last few weeks, you know that there has been a notable increase in cyberattacks around the world. Hackers have been spreading a type of ransomware called “WannaCry” via emails that trick recipients to open attachments that make them vulnerable to the attack.
Since Friday, over 150 countries have been affected by WannaCry, with the largest impact being on the NHS in England and Scotland. The attack hit over 16 organizations, crippling hospitals and general practices, forcing them to shut down and turn away patients.
What you need to know about ransomware
Once your system is infected, ransomware will encrypt your files, rendering them useless without a key. The guilty hackers will then demand some form of payment (typically via bitcoins) for the return of the hostage information.
Ransomware’s effects are not limited to the files on a device - they can also affect the device as a whole. Hackers can put locks on user profiles that make it impossible for individuals to log into their devices without paying a ransom. Similarly, they may alter a computer’s startup process so that it cannot finish unless a ransom is paid.
What you need to do to protect against ransomware
Companies must ensure adequate employee training to protect from ransomware. For example, employees must be able to identify phishing attempts and illegitimate emails. Additionally, users must be sure to keep their systems, software, and applications up to date. Finally, regular backups of data are a necessity.
In addition to the above, organizations must embrace technological solutions that can protect against ransomware. While traditional, signature-based solutions can detect previously identified threats, advanced solutions that utilize capabilities like machine learning must be adopted to protect against unknown threats.
As hackers become more sophisticated, companies must use a multi-pronged approach to prevent the spread of ransomware. Begin arming yourself by downloading the overview of Bitglass’ Advanced Threat Protection.