Over the weekend we have seen one of the largest known ransomware attacks spread malicious software known as WannaCry throughout the world. It is estimated that some 270,000 companies have been affected and this number is set to increase as a second strain of the virus has now been introduced. The companies affected are household names: NHS in the UK, FedEx in the US, Renault in France and Telefonica in Spain to name a few. What is for sure is that this virus was not targeted only at large companies, these are just the ones that have been reported in the press to date.
How can you protect your business?
Put all employees on full alert and ask your IT specialists to give you assurance on these five points as part of your cyber security arrangements.
- Update systems - Upgrade all obsolete/unsupported systems and ensure all systems have the latest security updates applied. A lack of patching systems and use of unsupported systems appears to be a common weakness in those who have been affected.
- Check backups - Check that all data backups or system snapshots are very recent and disconnect/air gapped from your network once complete. This will stop you back up systems being infected if something does ‘get in’.
- Secure emails - Ensure email is passed through effective content filters and that all users are made aware not to blindly trust email messages. Be suspicious of any emails you receive with the following characteristics, even if they appear to come from staff or trusted sources.
- Links to websites you were not expecting – this is the most common attack vector
- Attachments that you were not expecting
- Attachments with obscure names such as “document346837691873”
- Addressed generically such as “Dear Customer” or not addressed at all
- Requests for immediate action
- Content that refers to anything “too good to be true” - bank transfers to your account, lottery winnings, etc.
- Restrict access - Regularly review user access permissions to data and restrict them to the absolute minimum needed. If someone doesn’t need access to some piece of data in the network, then don’t give them access to it. The less employees who have access to the data, the lower the number of access points that the data could be affected by.
- Improve security - Implement two-factor authentication, especially for access to all remote access and online services. This adds a second layer of protection by an authentication mechanism to check that the identity of the user is legitimate. Password protection itself is not infallible.
Insurance can support these testing times and provide access to the experts that are needed to rectify the issues. Contact your Tokio Marine HCC underwriter today to discuss our Cyber Insurance