Ransomware - could you also be at risk?

Posted: 07-10-2007

Recent global cyber-attack stresses importance of anti-virus software and prevention measures to safeguard businesses against ransomware 

Following the global "WannaCry" ransomware cyber attack last week, MAM Software is urging its customers to follow protection advice and remain vigilant. 

As the number of businesses affected by the ransomware continues to grow, MAM is reminding customers to update their Windows operating system and anti-virus software to minimize risk.

The ransomware attack crippled computer systems at more than 200 organizations in 150 countries, preventing users from accessing data unless they paid a ransom of $300 to restore access.

WannaCry is an encryption program that exploits a known flaw in Microsoft Windows and spreads throughout an organization's network, affecting more and more systems. Businesses were affected globally, including US-based delivery company FedEx and some Renault factories, which had to halt production. 

Prevention is key when it comes to IT security, and the following tips will help to limit the risk posed to businesses:

  • Windows Update, make sure all software and operating systems are up to date

  • Ensure that an up-to-date antivirus software package is installed on your system

  • Backup your files regularly - you can't be held to ransom if you have a copy of your data elsewhere

  • Do not open a file attached to an email unless you can verify the authenticity of the sender

  • Do not follow a link in an email if you are not sure of the sender’s identity

  • Disable macros in Microsoft Office applications by default

  • Segment the network, use separate file shares rather than a single one for all users

  • Develop a plan for notifying employees should there be a security breach

  • It is recommended that the server is not used for general web browsing

Businesses can also increase protection by moving to a cloud-based solution, where software and data are stored in state-of-the-art data centres guarded by stringent anti-virus software, and data is backed up automatically at regular intervals.

"We are not aware of any MAM customers being affected at this time. We held emergency technical meetings on Friday evening to review the threat and carried out checks to ensure our cloud server infrastructure was protected," said Robin Darnell, Operations Director at MAM Software.

"Attacks like these often begin with a user opening an attachment from an unsolicited email. The attack used a known Windows vulnerability to spread."

"Microsoft issued a patch in March to counter this threat. You should ensure that all your PCs and Servers have the latest updates loaded. XP, Server 2003 are no longer supported by Microsoft meaning no updates are available. If you are still running these old operating systems you should look to replace as a matter of urgency."


What to do if you are affected

If you are affected by a computer virus, we advise that all affected PCs are turned off and disconnected from the network as soon as a problem is noticed. This will prevent the infection from spreading further.

We strongly recommended that the ransom should not be paid under any circumstances. According to experts one in five ransomware victims who pay the ransom never see their files returned.

In some cases, a decryption tool may be available for the particular ransomware infection, but many newer variants use a unique encryption key, which makes restoring the files impossible.

The best solution is to remove the infection, and then restore your data from your backup.

If you'd like to talk to someone about your backup processes, installing anti-virus software or moving to the cloud, please contact us.

Get in touch

If you’d like to find out more about MAM Software systems and how they could improve your business performance, please get in touch. We’d be delighted to hear from you, whether you have a general inquiry or a technical challenge for our specialists.