The Biggest Ransomware Attack Ever
In case you have not heard about this in the news over the weekend, Europol (European Police Office) confirmed Sunday that computer networks in more than 150 countries and more than 200,000 people had been affected by one of the biggest cybersecurity attacks in recent history. “It is the biggest ransomware attack ever,” Europol spokesman Jan Op Gen Oorth said.
The number of affected networks and individuals is likely to go up, he said, because “many workers left their computer turned on last Friday and will probably find out that they are also affected by the malware on Monday morning.”
Although the investigation is ongoing, Europol thinks the malware began to spread Friday from Britain’s National Health Service. It then affected other networks in countries including Germany, Spain, China, Russia and India. It has now being detected in Australia as well.
It was a jarring reminder of a stubborn reality facing security experts: Companies and other organizations collectively spent $73 billion on cybersecurity measures in 2016, according to the research firm IDC. Yet systems around the world were crippled by human error — failure to do routine software updates and employees unknowingly clicking on email attachments that contained the malware.
How did the attach occur?
- Attack appeared to be caused by a self-replicating piece of software that takes advantage of vulnerabilities in older versions of Microsoft Windows
- It spreads from computer to computer as it finds exposed targets.
- Ransom demands start at $US300 and increase after two hours, a security researcher at Kaspersky Lab says
- Security holes were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has repeatedly published what it says are hacking tools used by the NSA
- Shortly after that disclosure, Microsoft announced it had already issued software “patches” for those holes
- But many companies and individuals have not installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and for which no patch was available.
Companies affected by global ransomware attacks should not pay the ransom so as not to feed into the growing business of organised cyber crime. If you keep paying the ransom it’s actually helping attackers to grow the industry.
Top 10 tips to protect yourself
- Watch out – scammers target you anytime, anywhere, anyhow
- Don’t respond – ignore suspicious emails, letters, house visits, phones calls or SMS messages
- Don’t immediately agree to an offer – do your research and seek independent advice
- Ask yourself who you’re really dealing with – scammers tend to pose as those you trust
- Don’t let scammers push your buttons – scammers will play on your emotions
- Keep your computer secure – update your firewall, anti-virus and anti-spyware software
- Use a secure payment service – look for a URL starting with ‘https’ and a closed padlock symbol
- Never send money to someone you don’t know and trust – it’s rare to recover money
- Protect your identity – your personal details are private and invaluable
- Spread the word – if you’ve spotted a scam, report it to www.scamwatch.gov.au
(source: ACCC’s The Little Black Book of Scams)
At the end of day, you (and your team) are at the center of security and you need you get serious about protecting your firm against cybercrime. Please share this email with the rest of your team.
If you have questions about security and how you can protect your firm against the latest cybersecurity threats please give us a call on (08) 9441 6300 or complete the form and we will call you instantly.