25 May 2017

Outsmarting cyberattackers: are you protected from ransomware?

Written by Christopher Liko, Posted in ComputerTalk, Technology

The WannaCry ransomware attack began on May 12, 2017, quickly infecting more than 230 000 computers in 150 countries. This attack was considered unprecedented in scale, targeting a vulnerability in Microsoft's SMB protocol. The WannaCry virus demanded a $300 bitcoin ransom to unlock infected computers and allow access to personal data. In the wake of this (still ongoing) ransomware attack, what can we do to protect ourselves?

How do we do it?

Here at ComputerTalk, we follow a very stringent set of cyberprotection guidelines. As the provider of a PCI-DSS compliant private cloud, our organization must adhere to strict policies inside and outside of our cloud environment. One such measure is a software update policy. We ensure that all computers on our network are running the most recent software updates, to protect against any and all vulnerabilities. Microsoft released a Windows patch on March 14, 2017, to address the same vulnerability targeted by the WannaCry virus. Had an update policy not been in place, some machines on the network could have remained vulnerable, opening up the entire network to the threat. Some organizations suffered thousands of dollars in losses from the attack; this can often be attributed to a lackadaisical attitude toward software updates on the company network. There are many other ways to protect your network from cyberattacks, but implementing a software update policy is an excellent first step.

How can you do it?

The first step toward securing your company's network is an attitude shift. Without buy-in at all levels of your organization, a security policy will never be effective. As part of our company's PCI-DSS compliance, all employees are required to graduate from a PCI course. This ensures that all employees understand the risks of cyberattacks, and, more importantly, understand how to protect the company network from attacks. Once your colleagues understand the threats and prevention techniques around network security, formal policies can be introduced and enforced.

Health checks

One important method for ensuring constant network security is to perform health checks. Once a security policy is introduced, employee compliance tends to taper off, leaving the network exposed to attacks. Performing consistent health checks is the best way to prevent this. Health checks can involve several activities, such as a reassessment of employee security compliance, a network-wide security evaluation or even an interactive activity to test the company's protection and responsiveness regarding cyberattacks. Performing these health checks on a regular basis ensures that security remains top of mind within the organization.

Never fear cyberattacks

A major key to protecting your organization is taking a proactive approach. If you have to react to a security breach, it's already too late. Ensuring that your network is always secured provides peace of mind when half the world seems to be infected with the latest ransomware.

To learn more about our PCI-compliant private cloud, or to discuss how we can help you protect your customer data, contact us here.


