The WannaCry attack, which hit globally on May 12, 2017, was well documented, including on Digital Journal. In summary, affected users were met with an onscreen “ransom note”, demanding payment of $300 in bitcoins for the return of their data to its original state. The reason why bitcoins were requested is because they are hard to track. Transactions involving bitcoins are recorded in a blockchain ledger, which is an autonomous database, with the data recorded within time-stamped blocks.
The insidious piece of software acted as a network worm, spreading to vulnerable systems. Behind the attack was a hacker group called “The Shadow Brokers”.
READ MORE: Blockchain community falls under U.S. regulations
Such attacks remain out there and every business system is vulnerable, albeit to different degrees (according to Forbes malicious software is continuously evolving). So what can businesses do to minimize the threat of attack? The first is to update old client and server versions of windows with the latest security patches, especially the MS17-010 patch. In addition, Insights for Professionals advises that businesses activate host-based and network firewalls to block TCP/445 traffic from any unknown systems.
It is also important that businesses regularly backup of their data. Here, if a malware attack happens, at least most of the data can be retrieved. This damage limitation step is surprisingly overlooked by many businesses. This can be achieved using a physical, non-networked device or an off-site server. Here, Cyberaware adds, staff training is an important factor.
Other things that businesses can do, as part of what The Daily Telegraph calls a ‘culture of caution‘, is not to ignore warnings and ensure all upgrades are executed. Apparently, with the major attack on the U.K. health service (the NHS), the organization was given repeated warnings about its largely old fashioned systems.
The use of a firewall is important, especially when coupled with an effective antivirus and antimalware suite. Many antivirus software packages take the form of disc scanners, and these should be run regularly (ideally at a time when the computers are not in use due to the tendency to slow systems down). In addition, start-up scanners are useful. These scan the system files and boot sectors when the computer is switched on. This will prevent some viruses from taking effect.
Systems can also be tested for vulnerability by using platforms like the Metasploit Framework, which can test the limits of a computer system. Each of these elements should form part of an effective cybersecurity strategy for each business.
