Global Ransomware Attack

NHS Windows PCs hit hard

As many people know there is a wide-spread and serious global PC hacking attack. The BBC and UK papers report numerous hospitals and the NHS in general have been especially hard hit with many thousands of PCs compromised.

The virus is bad, as bad as they get. An infected PC spreads the infection to other PC on a network and all files get corrupted and encrypted. The hacker demands a ransom to un-encrypt files. With out a back-up of your data you are out of luck.

What is going on?

A ransomware virus known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected, according to the analysis team at Kaspersky Labs.

Once one computer on a network is affected, the malware infection spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.

What Is Ransomware?

Ransomware is malicious software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the PC being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.

Where Did This Threat Originate?

In this case, Microsoft has been aware of the vulnerability since March 2017, when it published a Security Bulletin covering the potential risk. According to the Spanish newspaper El Mundo, early indicators seem to point to the attack originating in China, but more information is needed.

How Can You Tell If Your PC Is Infected?

The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.

How to Protect Yourself

According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows 10, 8 or 7 and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately.

It is important to note that unsupported versions of Windows, like Vista and XP, did not receive this security update. Those systems should either be isolated or shut down.

Are Macs safe?

This attack is purely targeting an know vulnerability in Microsoft Windows operating systems. Mac computers are not compromised.

Lessons learnt

The most obvious lesson is that if you run Microsoft Windows you must install the latest security patches. Do not use Win XP or Vista. As we wrote only recently, Windows XP is still in use in many companies.

Secondly this is yet another reason to move data from local storage to the Cloud where it is fundamentally safer and more secure. Using SharePoint as a cloud storage location for information is just plain smart. Moving data to the cloud allows more use of terminal access and thin clients. This coupled with Office365 for emails greatly reduces the need for local storage and reduces the risk of infections and malware in general.

Feedback

If you have questions about Cloud Computing or Microsoft SharePoint, feel free to post them in the comments section or contact us via the form below.

Arrange Call Back

[contact-form-7 404 "Not Found"]