15 May 2017

Since the global coordinated ransomware attack, on thousands of private and public sector organisations across dozens of countries on Friday, the weekend has been quiet, but there are expected to be more cases reported as we start a new working week.

These attacks, that compromise machines and networks, may have already occurred but not yet been detected,and existing infections from the malware can spread within networks.

So how can you protect your business and the computer networks within it?

You can focus on two lines of defence:

The first is to limit the spread and impact of the attacks that have already occurred. Due to broad government and partner efforts, a variety of tools are now publicly available to help organisations to do this.  This guidance can be found on https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance under the title Protecting Your Organisation From Ransomware.

Any organisation that believes they may be affected should follow and implement this guidance. It will be updated as and when further mitigations become available and updates will be announced on Twitter (@ncsc) and elsewhere.

This second line of defence should be followed as a ransomware attack of this type and on this scale could recur.  There are a number of easy-to-implement defences against ransomware which very considerably reduce the risk of attack and the impact of successful attacks.

Three simple steps for companies to undertake which are also set out at https://www.ncsc.gov.uk/guidance/protecting-your-organisation-ransomware and can be summarised as follows:

1. Keep your organisation’s security software patches up to date
2. Use proper anti-virus software services
3. Most importantly for ransomware, back up the data that matters to you, because you can’t be held to ransom for data you hold somewhere else.

Home users and small businesses can take the following steps to protect themselves:
1. Run Windows Update
2. Make sure your AntiVirus product is up to date and run a scan – If you don’t have one install one of the free trial versions from a reputable vendor
3. If you have not done so before, this is a good time to think about backing important data up – You can’t be held to ransom if you’ve got the data somewhere else.


Back to News