WannaCry was “a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice” said Sir Amyas Morse, comptroller and auditor-general of the NAO.” A story in the news today covered a review of the ransomware attacks in May which has just been carried out and I think the key word here is “basic”.
There are many things that can be done to help prevent or deter hackers from getting at your data that are inexpensive and easy to set up compared to the loss of data, paying ransoms and then the PR of having to tell your customers and the ICO (under the new GDPR Regulations coming into effect in May 2018) that you’ve had an attack.
1) A firewall with security policies and vulnerabilities locked down
2) Patch management including Microsoft and 3rd party software
3) Anti-Virus and Anti Malware software running on ALL machines
4) And the big one…USER TRAINING and AWARENESS
The first three items are critical but perhaps more so is the education of your users and staff so that they know what to look out for, what not to open and what to delete.
Also, if it happens to you…report it to the police. It is a crime and should be logged to help build up patterns of attacks so that campaigns can be organised to raise further awareness.
If you need any advice on how best to protect both yourself and your business, contact us and we’ll be more than happy to help.
For the full news story follow this link- http://www.bbc.co.uk/news/technology-41753022