I clicked on a link earlier this week and ended up with something dreadful on my computer. It was the New Zealand Herald. Their article about the WannaCry ransomware I thought was truly abysmal, sensational and inaccurate reporting. It reminded me how careful you have to be with stuff you find on the internet.
Of course, the facts that prompted the media storm are also quite dreadful and it highlights yet again how careful we need to be with what we allow onto our PCs. I’ve written a couple of times in the past about cyber security and have spoken at a few events in the past year on the topic. I might sound like a cracked record (to anyone old enough to remember what a record is!) but I will stress again the two most important things are staff training and backups.
“Sadly the way the media picked up on the outbreak left readers with the impression that if their systems were all patched up to date that they weren’t at risk at all.”
Let me first emphasise that I am not saying that anti-virus and firewalls and keeping software updated aren’t important. It is completely true that if everyone’s Windows updates were current, WannaCry ransomware wouldn’t have been able to spread as fast as it did. It would still have hit all the organisations it hit, but the damage would have been less extensive. Sadly the way the media picked up on the outbreak left readers with the impression that if their systems were all patched up to date that they weren’t at risk at all.
Having said that, of course it pays to minimise your risk by keeping systems up to date and having a good firewall and antivirus. Just be aware that new ways around these will be found by malicious people as time goes on.
So, back to the two important things that you can control absolutely.
Staff Training
The single most successful method of transmitting virus or malicious software in the past few years has been as an innocent-looking attachment in an email. Our reality today is that this is how we mostly communicate and provide information that people require to do their jobs, and it’s very easy to over-protect and have a negative impact on productivity. I personally don’t want to go back to getting invoices and other documents via the post office!
“If you need to open attachments that you can’t 100% verify, open them on an iPad or Android device.”
The advice you will hear repeatedly is that you shouldn’t open any attachment from someone you don’t know and you should check out any unexpected attachments from people you do know. (ie Contact the sender and ask if they really sent you a file.) Just lately we’ve been growing our technical team and so have had job adverts online. Consequently we’ve been receiving emails from people we don’t know, with attachments that we need to open (their CVs). Our solution to that dilemma was to simply open any unverified attachments on an iPad or Android device. So far, all of the major virus and ransomware outbreaks have targeted weaknesses in the Windows operating systems and the code that does that will not run on a non-Windows device. We’ve found that to be a very safe way of being able to process incoming information with only a small impact on productivity.
Invest in your staff (your Human Firewall) to help them identify and deal with attachments or suspicious in a safe manner.
Backups
Yes, backups are the ambulance at the bottom of the cliff, and to draw further on that analogy, they are not there just when there isn’t a fence at the top – they also save people who’ve climbed over whatever fences were placed at the clifftop to protect them. Good, regular, off-site backups are your single most important way of recovering from data loss. Backups enable you to recover your data not just when a virus or ransomware attack happens, but also if your server dies, your staff do something silly and delete things, your office burns down, your PC is stolen… every single way you can lose data.
“Backups may be the ambulance at the bottom of the cliff, but that ambulance will still save lives.”
Naturally they are the last resort. There is certainly a big hit on productivity, on profit, if you are down for a day while your server is rebuilt and restored from last night’s backups. That is why the other methods of protection are important, too. Your backup is your last-resort way of recovering, but it’s the way you can be sure that you will get your data back and keep your business running.
So, what about those updates?
Keeping system software up to date, keeping anti-virus files up to date, making sure your firewalls are current – those are all important to protect you from ransomware. They are the fences at the top of that horrible data-loss cliff. OutSource IT carry out all of those tasks at various different levels for our clients who have regular support. The events of the past week have raised some interesting questions and we’re currently reviewing the methods and frequency of, in particular, operating system updates. With the current level of attack, these updates are becoming more important than ever, as is the timeliness of getting them onto your servers.
As much I’d like to say we are doing the worrying so you don’t have to, please DO be concerned about unexpected attachments and protect your business. I may be a cracked record, but the part of that record that keeps repeating is a very valid part.
Philip Adamson, Managing Director, OutSource IT
Back to all articles
