Since the perpetrators of the “WannaCry” cyberattack have not yet been caught, experts warn that there could be a second wave coming. To protect your systems, here are some immediate actions to take:
1. Install all Microsoft security patches.
For those of you who rely on employees to update their own systems, this would be a good time to verify compliance. This malware (or any other malware for that matter) can sneak into your network as soon as one of these infected systems connects. Once there, it can spread to other unprotected systems and devices.
2. Backup critical data to an unconnected device.
This ensures that even if your systems are unresponsive, you will have data to reload once the problem is addressed. However, it’s important that you disconnect your backups from the network to prevent the spread of the malware to your backup systems.
3. Deploy antimalware and malware signatures associated with this threat.
These can be found on the Department of Homeland Security website. TierPoint is available to help our clients if needed.
4. Refresh your counter-phishing policies and training.
The current speculation is that the malware was introduced via phishing emails. If there is a second wave, it will most likely take the same route. Make sure all employees are trained to recognize suspicious emails, know how to (not) respond to them, and have a method for reporting them to your security administrators.
5. Create a ransomware response plan.
If you are hit with a ransomware attack and are unprepared, there are a number of immediate decisions you will need to make including whether or not to pay the ransom (most experts say no), how to interact with law enforcement, and what information to release to the public. We highly recommend working with a law firm experienced in creating such plans to ensure all your bases are covered.
Republished from an article 5/17/17 by Paul Mazzucco, Chief Security Officer who is responsible for all TierPoint corporate security standards.
To find out more about increasing your network security, contact me at Steve@TopSpeedData.com – or visit us at our NEW WEBSITE – www.TopSpeedData.com