At Air-IT, we were alerted to the launch of the WannaCry ransomware attacks as soon as news broke on Friday 12th May. Our cyber security specialists and service desk team are constantly scanning for new and emerging threats so we can warn and protect our clients at the earliest possible sign.
WannaCry ransomware – our response step by step
Having broke mid-afternoon, our technicians worked through the evening and into the weekend, ensuring every possible defence was rolled out to reassure our clients and block any potential WannaCry ransomware attempts.
Notifications were pushed out via the Air-IT Service Hub, our desktop management platform. Installed on our clients’ workstations, Service Hub allows us to broadcast notifications and important technical information straight to our clients and all of their end users. It is also accessible via the mobile app, for updates on the move.
Air-IT Service Hub notifications
Our ransomware blocking tool, known internally as our CryptoBlocker Watchdog, was automatically updated to recognise and block the associated WannaCry file extension .wncry. Basically, this is how ransomware rewrites and then encrypts files, although each strain will be unique. As well as blocking WannaCry, our CryptoBlocker Watchdog allows us to detect, halt and limit the spread of thousands more malware variants.
Emergency patches issued by Microsoft were also rolled out, to ensure any vulnerabilities in Windows XP and Windows Server 2003 were fixed. This came after news that these unsupported operating systems is what possibly led to the wide spread success of this particular attack.
Ultimately, we’re extremely pleased to report that none of our customers encountered any WannaCry attacks.
At Air-IT, we’re continually looking for new and improved ways to protect our clients from threats. Here’s what we recommend…
Up-to-date hardware and software are priority in the defence against cyber-crime. This means patches and updates to vulnerabilities can be applied and locked down. If your business currently depends on legacy systems such as Windows XP and Windows Server 2003, they should be migrated to supported systems wherever possible. You should therefore seek informed advice about how best to manage these platforms and plan for the future.
Users should also be managed and only granted access to parts of the computer network they need. Limiting access in this way can deter the spread of any cyber infections.
To recap, layering your cyber security is the best defence against attack. This means threats have to pass through more layers, and reduces their chance of success. Our approach uses anti-virus and anti-spam solutions to filter web and email borne threats. Correctly configured and monitored, firewalls prevent unauthorised access to your network. Unified Threat Management (UTM) and web-filtering solutions provide protection from a wide range of threats, and cover various devices as they roam. Our ransomware blocking tool has the unique capability of providing specific protection to thousands of threats.
Backup and Continuity planning is vital. This enables you to restore previous versions of data if you encounter any problems and is not just limited to use in the event of a cyber-attack. At Air-IT, we use solutions that can backup your data as frequently as 15 minutes apart, preventing the loss of data when you need to restore. We also test these for all of our clients at regular intervals, to ensure that they work should you need them. Lastly, the backup should be kept in more than one location. Ransomware will attempt to encrypt any network based backups, so it’s important to keep a copy elsewhere.
We provide hosted and Cloud-based solutions and recently won the Managed Service Solution of the Year Award with IT Europa’s European IT and Software Excellence Awards – recognising our expertise in backup solutions. We have also been shortlisted for the forthcoming Business Continuity Awards to be held by CIR Magazine on 8th June, 2017.
Best Practice and Compliance
Cyber Essentials and the NCSC’s Ten Steps to Cyber Security can be used to plan out cyber resilience strategies. Our approach considers these key planning frameworks and more to keep you protected. Our free cyber security masterclass is open to new and existing clients, to help you manage your response to the changing threat landscape.
James Healey, Managing Director of Air-IT adds:
At Air-IT, we have long seen the importance of cyber security as a top priority. Ultimately, businesses depend on their systems to run effectively and regulatory fines for non-compliance are due to increase.
The cost of prevention far outweighs the possible consequences of attack, like those witnessed with WannaCry. Hopefully, something positive may come from recent events in the sense that companies begin waking up to these facts.
Managing Director, Air-IT
Worried about cyber security?
If you’re concerned about your cyber security, would like more information about our services and audits or perhaps need help recovering from a ransomware attack, then please contact us today or call 0115 880 0044.
Alternatively, if you would like to register your interest for one of our forthcoming cyber security masterclasses, then please let us know by emailing email@example.com