May 15th 2017
Since Friday, the news has been dominated by the ransomware attack which has impacted heavily on a number of hospitals and GP practices across the UK – with organisations in up to 75 other countries also falling victim. Over the weekend, it has been further reported that 150 countries around the world have been affected, impacting up to 200,000 people.
Advice for Windows XP users PLUS Microsoft patches to protect against 'WannaCry' ransomware can be found at the bottom of this page.
As the new working week begins, Get Safe Online and other experts are anticipating that more organisations, and possibly individuals, in this country and internationally may find themselves affected. Ransomware – which is used by criminals to encrypt victim’s computer files until a financial ransom is paid (but this promise is frequently not honoured) – will lie undetected until a computer is switched on, with the additional consideration that existing infections can spread within computer networks.
This variety of ransomware affects business and home computers running Microsoft Windows XP, for which Microsoft ceased support in 2014, substantially increasing the possibility of security vulnerability for those still using it. Certain government organisations still running the system have maintained support agreements with Microsoft – which include the provision of security updates.
Home & Small Business Users
Home users and small businesses can take the following steps to protect themselves:
– Run Windows Update
– Make sure your internet security (anti-virus, anti-spyware) software is up to date and switched on and run a scan. If you do not have internet security software installed, download one immediately. There are many reputable vendors and you can find reviews online. Most are relatively inexpensive and many cover multiple devices, including your phone and tablet.
– Ensure your data is backed up. If your system is affected by ransomware, it may well be that you are unable to access any data. We recommend online backup to one of the many cloud-based (online) services available … again you can find reviews online.
– Depending on the strain of ransomware your computer has been infected with and your level of technical ability, it may be possible for you to remove the infection yourself, but we emphasise that it is a complex process. US computer magazine PC World offers advice here: http://www.pcworld.com/article/2084002/security/how-to-rescue-your-pc-from-ransomware.html
Enterprise Administrators
It is recommended that the following steps be performed as a matter of urgency in order to contain the propagation of this this strain of ransomware:
– Deploy patch MS17-010:
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
– A new patch has been made available for legacy platforms, and is available here:
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks