Hackers have held around 250,000 networks in 150 countries to ransom with computer malware that has brought businesses, the British health service and governments to their knees.
If you do not know how to protect against ransomware, here’s some advice that will help you protect your network.
What is ransomware?
Ransomware is a computer program that infiltrates your network by exploiting mainly Windows machines running old versions of the operating system.
The program takes over control of the computer and refuses to unlock until a ransom is paid.
The malware comes in two types – one that encrypts data to make it inaccessible until unlocked by the hacker and the second locks a computer screen but leaves other programs and data undisturbed.
How are computers infected?
In the case of the WannaCry attack over recent days, the malware was triggered by clicking on an email which loaded and activated the program on the computer. The malware included a program that spread the ransomware across a network
How do I prevent an attack?
Run Windows Update, make sure you have an antivirus app that is up to date and run a scan and back up data regularly off network so you can still carry on even if your computer is disabled.
Migrate from any unsupported operating system to a newer version that receives regular security patch updates.
For instance, update to Windows 10 if you are running an earlier version.
Stopping repeated ransomware attacks
Once you have a clean machine and data, it’s important to protect the computer from more attacks.
Instigate a routine of backing up data and scanning with antivirus software, daily if possible.
Make sure the operating system is patched with security updates automatically and move from an out-of-date version, such as Windows XP, as soon as possible.
Consider imposing a web browsing filter that stops users accessing unapproved sites and control access to computers that have removeable media – such as USB sticks or disks.
It is possible to stop suspicious programs self-executing without confirmation from a user.
What do I do with an infected computer?
Isolate the machine from the network and if you are in the UK contact the National Cyber Computer Centre.
The web site of your antivirus provider should have tools to clean an infected machine.