May 22, 2017
Printweek reported that many organisations have been affected even Fedex, but said that this is not rare and that according to Symantec: “ransomware strikes increased by more than a third to over 483,800 incidents in 2016. And the 2016 British Crime Survey highlights that cybercrime now accounts for more than half of all crimes reported in the UK.”
John Unsworth, Chief Executive of the London Digital Security Centre, commented: “Cyber-crime is a low-risk, high-reward venture for the criminal. Frankly, what rational, self-respecting 21st-century criminal would not to seek to prosper from the growth of the internet?”
The article also said that some organisations do make “it easy for hackers” and Unsworth said that the mindset was like a syndrome: “The syndrome known as ‘it won’t happen to me’ is alive and kicking when it comes to the discussion of cyber-crime and how to prevent it. Successful attacks, whether a phishing email, a DDOS [distributed denial-of-service] attack, an invoice fraud or a website defacement, usually have one thing in common: an inadvertent – or fully conscious – decision made by a human to either click on a link in an email, to not update to the latest software, or to provide remote access to a system containing data.”
Ransomware can encrypt files on a computer or lock a users screen then the hacker demands money to unlock it but they don’t always unlock it and the police “advise victims not to pay”. According to Stewart Watkins, BPIF’s IT advisor those most at risk are still running “unsupported operating systems and software [like] Windows XP, Windows 8, Windows Vista, Server 2003 and old versions of Adobe Acrobat and Flash”.
Printers that are using Windows Small Business Server 2008 need to look for something else as Microsoft have stopped supporting the email server segment in April 2017 and Watkins also said: “A lot of people get stuck on that one because the actual server operating system is still supported but the email component of it is not. That’s particularly risky because the email server is the most internet-facing component of the whole network.”
The NHS had been warned by experts that it was at risk using Windows XP and this was what led to the attack. Protection of networks against ransomware attacks means taking action and effort and investment are required even though “risk can never be entirely eliminated” said Unsworth.
Once infected the computer must be turned off and “disconnected from the network” after which it should be reported to Action Fraud. Recovering data will depend on much preparation there was before the attack. The article advises making sure that software is up to date and installing all system updates to every device as soon as they are available while maintaining regular patch management. It also advises installing firewalls and anti-virus software and keeping it all up to date as well as using strong passwords and training all staff on security while online giving them access to only what they need.
Data needs to be backed up regularly and that should be to a device that is not left connected to the network so memory stick, external hard drive or cloud which can also be used to filter emails. Software that alerts the user to change access permissions are available and effective and organisations can take out a cyber insurance. Both Unsworth and Watkins advised procuring “Cyber Essentials accreditation which is a government backed scheme that “sets out a baseline of cyber security measures suitable for all organisations in all sectors” and can prevent 80 percent of attacks.
Categories : Around the Industry