The news over the last two or three days has been full of information and some speculation about the attack on the NHS networking and PC systems. The attack has spread quickly and affected more than just the NHS. It’s become apparent that it is not targeted at the NHS. I do, however, believe it raises key issues about computer security and cyber hygiene.
The attack is being reported as ‘WannaCry/WannaCrypt’ which was based on the US NSA tools that where stolen and released in March. The attack is focused on the Microsoft Windows and a known vulnerability in the SMB (Server Message Block) (MS017-010), for which Microsoft released a critical update in April.
We all know that we need to lock the doors and close the windows before we leave the house, but we seem to forget these basic requirements when we are online. The attack this week goes some way to proving this point. We need to ensure that the computer systems we manage are up to date, with the critical patches in place; this is basic cyber hygiene. The NHS and other organisations affected by the attack were vulnerable because they had not installed the update released by Microsoft.
How can you protect yourself online?
In order to protect yourself from cyber-attacks:
- Be vigilant when accessing links sent to you via email or within a web site. Do not download any software unless you are certain it is legitimate and from a trusted source.
- Malicious code such as ransom-ware can be delivered via email. Please check the email address of the sender. An email may look legitimate with convincing branding and may even appear to have come from a colleague.
- You can check the source of an email or URL in Outlook by hovering your mouse over the ‘from’ address or URL. This will reveal the ACTUAL source of the mail or URL.
- Backup your computer regularly; backups are now critical, as at some point you will need to restore your computer from a backup.
What should business and large organisations do to guard against cyber-attack?
The spread of this attack and its impact is a wakeup call for all network administrators and managers. This may seem like shutting the door after the horse has bolted, but it is the ideal time to review and reflect on security policies and patch management. This issue needs to be raised at the board level of all companies and businesses as an ongoing item for review.
It will take time and effort to fix and rebuild all of the systems that have been affected by this attack. The cost of this will be in the hundreds of millions of pounds/dollars. As a business, you need to be asking what would you do if (or, more probably, when) an attack like this happens. Do you have the skills within your teams to stop and mitigate these types of threats?
Start investing in the right skills. Check out our undergraduate and postgraduate courses