Ransomware, The NHS and How to Protect Yourself

It's very sad to hear what's happened to the NHS and countless computers and users around the globe.

So far we have not heard of any of our Leap customers being affected by this particular ransomware and we are continuing on high alert for the foreseeable future until the risk subsides.

Haven't Heard? Heres Whats Happened:

As you may have heard, a global ransomware attack has hit more than 70 countries knocking organisations including the NHS offline.

The ransomware attack, called Wana Decrypt0r 2.0, locks users out of their devices and data, encrypting all data and demanding a ransom for the decryption key via the Tor Network.  This malware is allegedly utilising the ‘EternalBlue’ exploit discovered by the NSA which has recently been leaked by a group of hackers known as ‘The Shadow Brokers’.   This malware appears to take advantage of the SMB (Server Message Block) protocol which is utilised heavily within the Microsoft operating system with an exploit to gain remote system access.  The malware isn’t currently known to be distributed via email, however this is a very likely candidate for further exposure and spread of the malware.  With this in mind, please apply extreme caution when opening any email attachments.

A patch was released for Windows 7 and above (Windows 8,8.1 and 10) in March and will have been applied to your personal computer if you have automatic updates enabled. However Windows Vista and Windows XP/later operating systems are vulnerable to this attack. Good news however as Microsoft has jumped in and released a patch specific for those operating systems that could be potentially affected, you can find these updates here.

This is one of many ransomwares out there. Please be vigilant with emails that you open, especially opening attachments.

How to Protect Yourself:

  1. If you use Windows, install the patch that Microsoft has released to block the specific exploit that the WannaCry ransomware is using. You can find instructions on this page in the Microsoft Knowledge Base. You can also directly download the patches for your OS from the Microsoft Update Catalog.

  2. If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.

  3. Update your Antivirus software definitions. Most AV vendors have now added detection capability to block WannaCry.

  4. If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender which is free.

  5. Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.

  6. For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.

 

Interested in learning more?

Or speak to one of our team +44 (0)1726 75551