You’ve seen the headlines this week about the global hack WannaCry. The world is in the wake of the largest ransomware attack in history that infected 200,000 Windows systems in the first 24 hours of deployment. Though it might seem to some that the worst is over and they’re in the clear, the reality is they are wrong. Though Microsoft released an emergency security patch, this ransomware is still very much on the loose and those with unsupported versions of Windows, for example, Windows XP, Vista, Windows 8, Server 2003 and 2008, are still vulnerable. So, what does this mean for your business?
If you have an IT professional on staff who has been keeping your system updated right along, then you’re steps ahead of those who haven’t updated at all. However, you are not in the clear. Though these patches and updates protect your network, it is hard to predict what types of variants there are with this ransomware. Because malware is unpredictable and always at large, your due diligence is necessary. Be sure that you and your IT staff update all employees on what to look for and to be suspicious of emails so that they are also aware and know what to look for. Continue to stay updated as patches are developed so as to not fall behind and become easy prey.
Not every company has an IT professional on staff. Often in smaller businesses the CEO or other employees are tasked with maintaining the integrity of the network. This can sometimes fall to the wayside as companies are conducting other business duties that may take precedence. If this sounds more like your business then you need to make updating your security patches (both Windows and 3rd party) a priority.
At times like this where there is a lot of confusion, it is hard to ensure that you did the right thing at the right time for not only your system, but ultimately to protect your customers as well. First, refer to Microsoft to see whether or not your Windows operating system could be in question, and if so what to do about it. There are "updates" that masquerade as the real deal that are actually malware. So, again be careful.
Reports have come out that there were specific kill switches created to stop the ransomware from spreading. This is true, however, since that discovery, the bad actors have since created a variant that the kill switches will not stop. You can always expect the bad guys to come out with new variants to spread malware after we find a way to protect against the old.
Next, you should consider investing in next-generation endpoint security if you already do not do so. Partnering with professionals like us to not only add another strong layer of protection to defend your system, but to also have expertise that you can depend on will give you peace of mind and is also a wise investment compared to spending money after an incident occurs.
In the event you have not yet updated your system and are still debating if it’s necessary, consider the ramifications if you don’t. Though most companies may be able to pay the $300 in bitcoin that WannaCry demanded, most business owners are not comfortable giving into cybercriminals to get their information back if they get it back at all. Instances have occurred where ransoms are paid with the promise of having information restored only to be left disappointed when cybercriminals decide not to give tou access anyway. In addition, once they had access to your data they can also keep your data and reuse it. On top of that financial hit, you have to consider how much your business is losing in downtime.
Though it may take hours or even days to get your business back and running, you have lost customers and profit from not being operational. So far, a total of $84,000 has been paid to WannaCry, quite low for an attack of this magnitude. However, ransoms are expected to increase as more people are infected by this malware and let fear push them into paying. According to recent statistics, 60 percent of small businesses who get breached will be out of business within six months.
With an attack this large and spreading so rapidly, this is the time to be proactive and seek assistance in securing your network. If you feel you need help with dissecting your network for vulnerabilities and patching your operating systems, reach out to Twinstate Technologies for guidance. We have effective solutions, and special promos that make implementing security easy, affordable and most importantly, effective.
Originally published on 05/19/2017