An Important Ransomware Anniversary
Two years ago this month, the single largest cyberattack in history struck Windows operating systems, disabling in excess of 230,000 computers across the globe.
WannaCry was an evolution of an exploit developed by the US National Security Agency for older Windows systems that was unleashed by a hacking group several months before the attack. Despite Microsoft having released various patches to combat the exploit, the spread was largely due to the sheer volume of businesses who had either not applied these patches, or were using outdated Windows systems that had past their end-of-life. The attack crippled the computers that were exposed to it, with the ransomware cryptoworm encrypting data and setting payment demands in Bitcoin. It took 4 days for the combination of emergency patches from Microsoft along with a discovery of a kill switch that prevented the further spreading of WannaCry, and whilst the hackers responsible were alleged to have only withdrawn just over £100,000 of Bitcoin ransom, losses resulting from the attack could reach as much £3 billion globally.
WannaCry was an extreme example of just how damaging and invasive ransomware can be, but it still remains a very dangerous threat to businesses across the globe and greatly risks the integrity of the data they hold – in the first 6 months of 2018 alone, there were over 180 million ransomware attacks reported. Of greater concern is the way in which these attacks can be triggered.
Whilst the vast majority of ransomware attacks are carried out using a Trojan masquerading as a genuine file that is either accidentally opened or downloaded by an unsuspecting user, others spread themselves via the Server Message Block protocol (like WannaCry) and are sophisticated enough to travel independently between computers with no user aid or interaction, some have even been transmitted via social media messaging. Arguably however, the biggest vulnerability that dramatically contributes to the spreading and destruction caused by these attacks is the lack of cyber security investment and the reliance upon outdated IT infrastructure.
Take WannaCry and the NHS for example. Up to 70,000 devices, which included computers but of greater concern MRI scanners and theatre equipment were at risk of being impacted, 19,000 appointments had to be cancelled and even some ambulances were diverted. The estimated cost to the NHS alone of this attack was £92 million, but the overall impact of these attacks go much further than financial or the compromise of data; they can have a profound impact on peoples lives, both within the business and also the general public. The NHS were found to still be running Windows XP, and had insufficient cyber security to efficiently deal with any such attack.
There are various considerations to make when it comes to protecting your business and your data against ransomware, and the absolute priority is to regularly and consistently back up data. Yes, a ransomware attack can still be “successful”, but taking steps to mitigate the risks by backing up valuable data and having it remain accessible in the worst case scenario will dramatically reduce both the short and long term impact and will allow a business to return to a fully operational state a lot faster.
If you would like to know more about the solutions UK Backup have to offer that will fully assist you in combating cyber-attacks of any magnitude, get in touch with us and we can arrange a discussion around your specific requirements.