Did you get an email informing you that you’ve been infected with a ransomware virus? You’re not alone. In fact, tens of thousands of emails flashing a bright red screen and informing recipients that they are infected with the WannaCry virus have led some businesses to actually get infected with WannaCry (even though they hadn’t been before).
Many of the emails within the last couple of days actually encourage recipients to click on a link to get more information. By clicking that link, they’ve just infected their machine.
The next tricky new way cybercriminals are breaking into your network?
Using some of the same old tactics, but with a twist.
Instead of phishing for information, they’re phishing for users to react to the screen many of us are all too familiar with (at least in the ransomware remediation business).
Most of the people we’ve dealt with thus far who have received the emails were in such a panic that they didn’t know what to do. In reality, these emails are currently a phishing expedition aimed at getting onto your network.
While some actually lead to real ransomware infections, others directly demand that you remediate the infection by paying off the ransom note in Bitcoin in exchange for fixing a problem you currently do not have.
This strategy is very clever and relatively unexpected by even some of the top minds in cybersecurity. The WannaCry ransomware virus has been one of the biggest viruses attacking businesses and organizations large and small (we’ve seen this virus shut down clinics and hospitals, leading administrators to turn away patients).
MRI scanners, blood storage refrigerators and other equipment were completely frozen because the entire network had been attacked and shut down by the virus. The WannaCry virus, like most recent virulent cyberattacks, is no laughing matter by any means. And receiving an email explaining that your computer (or network) is now infected by the virus is enough for many to take the irrational steps of clicking on links and shelling out money.
But the takeaway (at least at this point):
Emails informing you of an infection (like WannaCry) on your computer or network are phishing scams to get you to do something you shouldn’t.
Of the thousands of emails you get in a week (if you’re like me), this is one to put directly into Spam. You might also alert your IT team that phishing traffic is hitting your inbox so they are on high alert for the issue.
But if you see anything from “WannCry Hack Team” with a subject of “!!!Warning WannaCry!!!”, rest assured, you are not infected. The bad guys are simply looking for ways to turn you into a victim (and this is their latest campaign).
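The indicators named above, turned into a mail triage check (an added example, not code from the original post). The sender and subject patterns come from the article; the function names, the quarantine/review/deliver labels and the sample messages are constructed for illustration, and the check also flags look-alike emails that claim an infection while pushing a link or a Bitcoin payment.

```python
import re
from email import message_from_string, policy

# Campaign indicators quoted in the article (sender display name, subject line).
SENDER = re.compile(r"wanna?cry\s+hack\s+team", re.I)
SUBJECT = re.compile(r"warning\s+wannacry", re.I)
# Traits the article describes: an infection claim plus a link or a Bitcoin demand.
CLAIM = re.compile(r"\binfect(ed|ion)\b", re.I)
LINK = re.compile(r"https?://", re.I)
PAYMENT = re.compile(r"\b(bitcoin|btc)\b", re.I)

def indicators(raw):
    """Return the set of indicator names found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    subject = str(msg.get("Subject", ""))
    text = subject + "\n" + (body.get_content() if body else "")
    found = set()
    if SENDER.search(str(msg.get("From", ""))):
        found.add("sender")
    if SUBJECT.search(subject):
        found.add("subject")
    for name, rx in (("claim", CLAIM), ("link", LINK), ("payment", PAYMENT)):
        if rx.search(text):
            found.add(name)
    return found

def verdict(raw):
    """quarantine: known campaign; review: infection claim with a lure; else deliver."""
    found = indicators(raw)
    if found & {"sender", "subject"}:
        return "quarantine"
    if "claim" in found and found & {"link", "payment"}:
        return "review"
    return "deliver"

# Constructed sample messages (not real captures); example.invalid is a placeholder.
SAMPLES = {
    "campaign": 'From: "WannCry Hack Team" <a@example.invalid>\nSubject: !!!Warning WannaCry!!!\n\n'
                "Your PC is infected. Details: http://example.invalid/info\n",
    "variant": "From: Security Desk <b@example.invalid>\nSubject: Urgent notice\n\n"
               "Your network is infected. Pay 0.1 Bitcoin to have it fixed.\n",
    "benign": "From: IT <it@example.invalid>\nSubject: Patch window Tuesday\n\n"
              "Servers reboot at 22:00. Schedule: http://intranet.example.invalid/\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, verdict(raw), sorted(indicators(raw)))
```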
But to be sure that you NEVER get infected with a ransomware virus like WannaCry, what are some things to make sure you’re doing?
Patch your network—Microsoft, along with other software vendors, releases patches regularly (at least once a month if not more regularly). Making sure your network is completely patched and that patches are tested to ensure they are working right will go a long way in plugging up exploits that hackers rely on when trying to break into networks like yours.
Train your staff—It’s far too easy to brush off training as something just to check a box. The problem with not taking security seriously in your office is that many folks will forget what to do when they’re confronted with actual security risks (for example, the WannaCry phishing email I describe above). Make sure your team is up to speed with cybersecurity basics and trusts your IT Support team enough to act in their best interests.
Monitor your traffic—Most often, before an actual ransomware attack locks up a network, there’s already malicious traffic coming across the network. Making sure you’re able to understand where traffic is coming from and going to, and reporting suspicious activity (or investigating strange activity on your network), will help to avoid bigger problems down the line and nip security vulnerabilities in the bud the first time.
Back up EVERYTHING—One of the hardest parts of remediating new clients that are infected with ransomware is restoring them when they’ve nothing to really restore from. Having tested offsite backups in the event something happens is a critical component to being prepared for the unexpected (ask us about creating a business disaster recovery plan if you don’t already have steps to remediate a ransomware attack).
And many, many more tasks—There are too many preventative measures to list here that your organization should be thinking about—from an operational standpoint—and that will help you, by leaps and bounds, avoid being the next cyber statistic.
One good first step? A network vulnerability assessment. Contact us TODAY for a free assessment.