Ready to sell solutions on Azure to your customers? Find out where to start with our free whitepaper
Join our Modern Workplace Webinar series on the first Monday of every month beginning Monday 3 December
Discover the key features and benefits of Microsoft 365, for your customers and and you as a partner, in our free whitepaper.
There are few businesses that will not have heard about WannaCry, May 12’s ransomware attack that has affected – and often with devastating results – organisations across the world.
So, we’ve put together a blog outlining advice that can help your customers better protect themselves.
Regardless of the type of ransomware – either lockscreen, where screens are locked to prevent user access, or encryption ransomware in which files are altered to bar users until an encryption key is applied – a business is unable to access its data until a ransom, usually demanded in Bitcoins, has been paid. The business is held over a barrel – pay up, or lose critical data.
Cybercriminals are becoming ever more sophisticated, and malware can enter an organisation via numerous routes. Typically, however, ransomware arrives via email, through a user linking to a malicious website, or resulting from issues with installed software and non-application of patches.
Whereas most businesses will have in place some – if not all – of the measures outlined below, it might be worth reminding customers of the importance of effective security safeguarding.
Vuzion’s top ten pieces of advice for helping business protect from cybercriminals:
Preventing malware entering the organisation in the first place is the best way to secure against cyberattack, and through the adoption of a ‘layered approach’ to protection, implementing anti-virus, web filtering and firewalls. It’s essential that businesses ensure each component is accurately configured and always up-to-date. Scanning solutions today incorporate functionality to re-write links to verify safety when ‘clicked’, and to open suspicious attachments.
Malware can often infect an organisation, entering through bugs in software and applications. Businesses should ensure that software updates are implemented and patches applied as soon as they’re released. It’s believed that WannaCry exploits a Windows issue for which Microsoft issued a patch in March – but, which many organisations have not administered.
Whereas organisations attacked by encryption ransomware will be unable to access their live data, their backup data will have been unaffected, and can be restored once infected devices have been cleared down. On the proviso that backup procedures have been performed regularly, the integrity of the data routinely checked, and well-defined and practised restoration procedures created, an infected organisation will lose relatively little data – and, importantly, can be quickly back up and running.
Email cybercrime is common, often sent by the cybercriminal as part of a mass random communication. Businesses should therefore consider investing in ongoing training to remind employees of potential hazards. Malicious links incorporated within emails create issues for many businesses. Give-away signs to look for include:
Emails received from legitimate contacts, but where the originating account has been attacked, still pose problems for businesses. These are often characterised by containing a short – at times often nonsensical message – and (malicious) link.
Social media networks or instant messaging may also contain links to malware.
Advising users to go direct to an official website rather than click on embedded links can help businesses guard against malicious attack, but the main point of advice is that it’s essential to keep reminding employees of potential ransomware threats.
Spear-phishing is a second and growing form of cyberattack actioned through email, with the attacker posing as a company official requesting a specified action – such as a the ‘CEO’ of a company asking Finance to transfer funds. These types of email can also claim to come from official organisations – a bank, government department, or even the police, for example. Companies should be aware of this potential risk, and define procedures to help employees identify phishing attacks.
Customers should be advised to create and record in writing a set of formal protection policies and processes in consultation with their IT partner who can apply these policy requirements to every device.
It goes without saying that the more robust a password requirements policy, the harder it is for cybercriminals to infiltrate a business. However, many companies still have not addressed password protocol, and allow users to set up ineffective and weak passwords. Requiring unique ‘strong’ passwords for individual accounts, or implementing single-sign on solutions, helps reduce risk, along with implementing multi-factor authentication whereby access is gained only after successful submission of various pieces of information as an additional layer on top of the password control – such as requiring input of a numerical code texted to a mobile device.
Malware can be activated via an attachment. However, webmail servers can be configured to block potentially suspicious attachments, identified by extension type – such as .exe, vbs, or scr. A show file extension function is also useful to help users avoid accessing malware via attachments.
Increasingly, malware is spread through invitations to download macros incorporated within every-day type documents. A robust policy defining download privileges and regulating rights per employee can extend protection across the business.
And finally, if an attack is suspected, advice is to disconnect from the web. At an early stage in the attack, this can prevent malware establishing itself, but may also prevent ransomware spreading to other areas of the business.
Vuzion CEO Michael Frisby says, “Ransomware is an insidious crime, with potentially devastating effects for infected businesses – as WannaCry is demonstrating, and it can hit organisations across industry, location and regardless of size.
“But there are ways businesses can protect themselves, with a people-process-technology approach to look at potential flaws in employee behaviour, business procedures and IT systems particularly effective. As it’s also worth remembering that when facing a ransomware attack, there’s a criminal gang behind it. Who’s to say that even on payment of a ransom demand, files will be un-encrypted… In addition, the National Crime Agency encourages businesses to NOT pay ransoms.”
The National Crime Agency (NCA) and the National Cyber Security Centre offer advice, and the Cyber Security Information Sharing Partnership (CiSP) is a national forum where businesses can discuss cyber issues.
At Vuzion, we’ll also be publishing various articles on security and protecting businesses against malware in the forthcoming weeks – but in the meantime, why not download our latest eBook below or speak to any of the Vuzion Team by calling 0333 920 6841 or emailing firstname.lastname@example.org.
Data & AI
Migrating Hosted Exchange Customers to Microsoft Office 365: Three Key Areas to an Upsell Campaign
Vuzion Managed Staged: Hosted Exchange 2013 to Exchange Online
Vuzion Assisted Migration Service (VAMS): Hosted Exchange 2013 to Exchange Online
Vuzion Managed Cutover: Hosted Exchange 2013 to Exchange Online
Microsoft Teams: Enabling Intelligent Communications
Care Computers & Microsoft 365
Nuvem Logic & Microsoft 365
Valto, Office 365 & CSP