The consequences of the second global ransomware attack in two months are still being felt today. IT teams at some of the world’s biggest companies have been battling ransomware which seems to have emanated from a software update mechanism for accounting software that is widely used in Ukraine.
It contains elements of the ‘Petya’ strain of ransomware but, whatever name security researchers give it, we know it is malware containing the code known as “Eternal Blue” which spreads rapidly through networks by exploiting a vulnerability in Microsoft Windows and demands Bitcoin payment to unlock the computers and data it holds to ransom.
The fact that so many large corporations have been affected proves that the damage that can be done by a cyber-attack is real. Two months ago we saw how the NHS was seriously impacted by WannaCry ransomware. This latest attack has seriously disrupted the operations of oil companies, shipping companies, legal and pharma business, world leading consumer brands and agencies and even a nuclear power station. Whole computer networks have had to be shut down as the virus spreads, causing huge disruption to business.
However some of those affected have managed to minimise the disruption to their operations. How? By switching to an offsite or cloud backup.
Failure to backup your data can lead to the loss of business critical information. Even if you have a backup in place, if you don’t conduct backups regularly you could still lose critical data. And, if the backup is not offsite or what we call air-gapped, both sets of data could still be affected.
The general advice for protecting your systems against ransomware like this is to ensure that your software and apps are regularly updated. Our advice however, is to stand back and take a look at your overall approach to cyber security. Build in backup and disaster recovery to your business strategy and make sure your staff are trained to spot potential vulnerabilities and suspicious activity.
By taking a multi-layered approach to information security in your organisation you will be able to sleep at night.
Find out more by reading our eBook Ransomware – How to Defend Your Organisation