NHS cyber-attack - could you also be at risk?

Posted: 15-05-2017

Recent NHS cyber-attack stresses importance of anti-virus software and prevention measures to safeguard businesses against ransomware

Following the NHS ransomware cyber attack on Friday, MAM Software is urging its customers to follow protection advice and remain vigilant.

As the number of businesses affected by the ransomware continues to grow, MAM is reminding customers to update their Windows operating system and anti-virus software to minimise risk.

The ransomware attack crippled computer systems at NHS hospitals and GP surgeries, preventing users from accessing data unless they paid a ransom of $300 (£230) to restore access.

The virus exploited a known flaw in Microsoft Windows and spread throughout the organisation's network, affecting more and more systems. As well as the NHS, businesses were affected globally, including US-based delivery company FedEx and some Renault factories, which had to halt production.

Prevention is key when it comes to IT security, and the following tips will help to limit the risk posed to businesses:

  • Windows Update, make sure all software and operating systems are up to date

  • Ensure that an up-to-date antivirus software package is installed on your system

  • Backup your files regularly - you can't be held to ransom if you have a copy of your data elsewhere

  • Do not open a file attached to an email unless you can verify the authenticity of the sender

  • Do not follow a link in an email if you are not sure of the sender’s identity

  • Disable macros in Microsoft Office applications by default

  • Segment the network, use separate file shares rather than a single one for all users

  • Develop a plan for notifying employees should there be a security breach

  • It is recommended that the server is not used for general web browsing

Businesses can also increase protection by moving to a cloud-based solution, where software and data are stored in state-of-the-art data centres guarded by stringent anti-virus software, and data is backed up automatically at regular intervals.

"We are not aware of any MAM customers being affected at this time. We held emergency technical meetings on Friday evening to review the threat and carried out checks to ensure our cloud server infrastructure was protected," said Robin Darnell, Operations Director at MAM Software.

"Attacks like these often begin with a user opening an attachment from an unsolicited email. The attack used a known Windows vulnerability to spread."

"Microsoft issued a patch in March to counter this threat. You should ensure that all your PCs and Servers have the latest updates loaded. XP, Server 2003 are no longer supported by Microsoft meaning no updates are available. If you are still running these old operating systems you should look to replace as a matter of urgency."


What to do if you are affected

If you are affected by a computer virus, we advise that all affected PCs are turned off and disconnected from the network as soon as a problem is noticed. This will prevent the infection from spreading further.

We strongly recommended that the ransom should not be paid under any circumstances. According to experts one in five ransomware victims who pay the ransom never see their files returned.

In some cases, a decryption tool may be available for the particular ransomware infection, but many newer variants use a unique encryption key, which makes restoring the files impossible.

The best solution is to remove the infection, and then restore your data from your backup.

If you'd like to talk to someone about your backup processes, installing anti-virus software or moving to the cloud, please get in touch.

Sign-up for our news bulletins

Don't miss out! Stay up-to-date with the latest news, events, features and tips from MAM Software by signing up for our email news bulletins.