Ransomware: Guidance from the National Cyber Security Centre

The National Cyber Security Centre has warned that it is likely that further cases of ransomware may come to light, possibly at a significant scale. What can you do to prevent this?

Over the weekend, the world was hit by one of the biggest cybersecurity threats in history. Since Friday (May 12th), the cyber-attack has victimised private and public organisations in 150 countries and, according to Microsoft, should be treated as a wake-up call across the globe. Microsoft blames governments for storing important data on software that was vulnerable and could be easily accessed by hackers.

Many businesses and organisations had IT experts working 24/7 to prevent new infections and to stop the ‘WannaCry’ virus from spreading. According to the BBC, the virus took hacked users’ files and demanded payments to restore access. It is believed that 200,000 computers were affected by the ransomware.

As we begin a new week of work, the National Cyber Security Centre (NCSC) has warned that it is likely that further cases of ransomware may come to light, and has the potential to impact businesses and organisations on a significant scale.

The NCSC has said that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks. Because of this heavy risk, the security centre has warned that we must remain cautious and defensive.

How can we limit the virus from spreading?

There are a number of tools publicly available to limit the spread and the impact of further cyber security attacks. Guidance on this can be found on the NCSC home page ‘Protecting Your Organisation From Ransomware', and it is crucial that any organisation that thinks they may have been targeted by the attack, follows and implements this as soon as possible.

Ransomware attacks are some of the most immediately damaging forms of cyber-attacks that affect home users, enterprises and governments equally. However, this doesn’t mean that we can’t prevent these attacks by following just the simplest of steps.

What simple steps can we all follow?

The NCSC advise that businesses and organisations follow these simple steps to ensure they are protected against ransomware:

Keep security software updated
Make sure you are using verified and reliable antivirus software services
Back-up any data that is important

Smaller businesses and home users should also: run a Windows Update, make sure their antivirus product is up to date to run a scan (if you don’t have one, you can install one of the free trial versions), and back-up any important information.