An unlikely hero and the importance of being up to date.
You’ve probably heard about the massive cyber-attack this past weekend that successfully crippled more than 200,000 victims in 150 countries, including more than 20% of hospitals in the UK alone.
The WannaCry malware spread among Windows computers, infecting and then encrypting users’ files, effectively locking them up one by one. While America was mostly spared in this attack, European users were told they had to pay a ransom in the electronic currency Bitcoin to regain access to their own information.
A screenshot from an infected computer.
Just imagine the flipflops your stomach would do if this popped up on your monitor at home or at work. As you can see, the hackers double their fee if the victim doesn’t pay up in three days, and after seven days, the files are deleted forever. As of today, there’s no “antidote” for Wannacry. It’s pay up or lose your data.
Now imagine the effect this had on the businesses and the hospitals infected. When files are inaccessible, work stops. In hospital environments, staff schedules, patient records, even test results were frozen and inaccessible. Appointments, operations, and treatments were unable to take place. Lives were potentially at stake.
This horror story has an unusual hero – the attack was halted by the efforts of a 22-year old computer security researcher in England named Marcus Hutchins. However, his stopping the virus was rather less a feat of cyber daring-do and rather more a fortuitous stumbling onto information: Hutchins was trying to track the spread of WannaCry when he registered a domain name hidden within the virus’ code. This had the unintentional though beneficial effect of stopping the virus’ progress.
You can read Hutchins’ story in his blog post titled “How to Accidentally Stop a Global Cyber Attacks”(sic).
It’s a good read, but as Dan Kaminsky, an experienced security researcher and chief scientist at New York security firm White Ops noted, it was less a case of a direct counter attack and more that Hutchins “was in the right place at the right time.” And that’s not something you can count on happening the next time. And there will be a next time. In fact, there were clear warnings that there would be a “this time”.
Rob Wainwright, Executive Director of Europol, the European Union’s crime agency, said that Europol has been warning organizations about the potential for just such attacks as WannaCry. Many businesses, and specifically the UKs health system, aren’t diligent on keeping up with the latest software updates – a practice that has become crucial in today’s ever-evolving world of technology.
See Wainwright interviewed on the UK’s “Preston on Sunday” show via the video link below:
Microsoft had actually identified the vulnerability exploited by the ransomware – and released an update that fixed it – back on March 14, 2017. The problem is that many businesses still run legacy systems like Windows XP (which Microsoft stopped supporting in 2014, but which is still being run on approximately 90% of UK healthcare computers) or simply don’t make keeping up with updates a priority.
“[A]ll sectors are vulnerable… (and) should take absolutely seriously the need to run updated systems and to patch when they can do that.”
Wainwright said banks have avoided the problems afflicting other businesses largely because they invested heavily in computer security.
“I think the hospital sector and others should follow the example (of the banking industry) to make sure that now they sit up and take notices of what is absolutely a huge security concern.”
It’s clear that updating software is no longer simply a way of “keeping up with the Joneses” and getting the latest and greatest features available. Businesses – and individuals – need to stay alerted to the
latest updates and threats to make sure their critical files and data remain theirs, and aren’t held for ransom by unscrupulous hackers.
Don’t be Held Hostage
Keeping up with the latest in security technology and software updates can be tricky. You have lots to do and there are only so many hours in the day. Many smaller companies and municipal offices simply don’t have the resources to devote to dedicated IT monitoring and personnel to keep watch 24/7. 5i Solutions can ensure you are never held hostage by malware or ransomware like WannaCry.
5i Solutions delivers managed cloud computing technology at prices to fit almost any budget. Not only does 5i tailor that technology to work with your current systems, but you can count on 5i to take your security seriously and monitor, administer, and track it on your behalf.
Our data hosting and super-secure Cloud Vault offers:
- Encryption
- Network security
- Automated updates with the latest software versions
- Key management
- Custom-built identity verification and access control
- Threat management
- Penetration testing
- Monitoring
- Logging
- On-demand reports to ensure the continued integrity of your data
Today’s encryption systems are strong and can protect your vital data from virtually any attack. 5i Solutions can build a custom solution for you for less than you might think.
Don’t wait for a competitor or malicious hacker to hold your data for ransom, putting you, your business, and possibly your patients, at risk. Contact 5i Solutions today.
5i Solutions. One single, secure point of intake, access, and storage. One singular solution.
5i Solutions, Inc.
Learn more at http://5iSolutionsInc.com
Follow WIDGET: LinkedIn
Follow WIDGET: FB
