Ransomware attacks and IT Support to help prevent major issues for your business.


On May 12, 2017 a major ransomware attack took place worldwide called TheWannaCry ransomware attack and considered as one of the biggest and most complex incident by the NCSC (UK National Cyber Security Centre).

Indeed not only it affected the NHS but also a large number of corporate organisations and businesses in the UK as well as other parts of the world including Russia and Europe and totaling 150 countries.

The malware is encrypting files and changing the extensions to: .wnry, .wcry, .wncry and .wncrypt and then presents a window to the user with a ransom demand.  Although it has now slowed, It spread rapidly, like a worm, by exploiting a Windows Server Message Block service vulnerability that devices such as PCs/Laptops use to share files and printers across local networks.

According to the experts, the attack was initiated by a group of hackers called “Shadow Brokers” using heavy encryption on files such as documents, images, and videos and as a result making it difficult or impossible for organisations affected to recover their data.

Microsoft addressed the issue in its MS17-010 bulletin and provided a patch for supported operating systems as well as emergency patches for unsupported operating systems as well. However, these would not allow organisations affected to recover their encrypted data.

What to do to prevent ransomware and its effects


  1. Be Suspicious of the emails you receive

When you receive an email, you should be suspicious of its origin and particularly those that ask you to open an attached document or click on a web links without knowing its origing . If you are not sure, do not open the documents attached and ask for your IT Support Company for advice.

  1. Update your Windows environment

You should make sure Windows OS on your machine is up to date including the latest patches.

  1. Make sure you have an up to date antivirus software

All security partners update their products with the latest protection programs to protect against known viruses, ransomware or other malware so ensure you have an antivirus installed on all your machines part of your business network and that they are up to date. For more information check our IT Security and business continuity page.

  1. Ensure that your data are backed up

We strongly advise any business to carry out daily backup if possible kept offsite. This would ensure, that in the event o a major issue including data not being recoverable from a virus attack, that data can be copied on the cleaned or new device (server, PC etc) and your business activity in not affected by a loss of data.

What to do to remove ransomware program when it happens


Some ransomware viruses are relatively easy to remove and are generally called “scareware” and consist in browser screens that claim your machine has been locked but it is not true – In order to remove those you just need to run an antivirus program that will remove them and clean your PC.

Other programs encrypt either the Master File Table in Windows, or individual files, or the whole hard drive and are as a result are harder to remove.

When these programs encrypt files, it doesn’t necessarily mean that they are lost. Indeed, there are many programs designed by security companies to decryp these files can be applied in some cases.

However, it can happen in worst cases that the ransomware encrypts each file with its unique key and in that case your data will never be recoverable. This is why it is key to ensure your business data are backed us safely using an offsite backup solution.

In conclusion, we would advise that if you identify a suspicious activity or are affected by such programs to get in touch immediately with your IT Support Team. AMJ UK is an IT Support company located in London and Kent providing IT Support London and IT Support Kent services for over 17 years. Do not hesitate to get in touch with our team of experts if you have any questions or for further information

In all cases, we would advise that you get in touch with your IT Support company to assist you with your IT issues and advise on solutions to prevent these to happen and ensure it doesn’t affect your business.

 

Share