- Automatic updates, backups and security software ensure secure IT systems
- Replace old operating systems such as XP and Vista as soon as possible
Regular updates and well-maintained operating systems prevent possible corruption by ransomware such as WannaCry. Despite this, many businesses and private individuals are still using PCs with serious security vulnerabilities. “WannaCry has particularly affected Internet users and companies which have failed to install necessary updates in the last eight weeks,” says Peter Meyer, Project Manager for Botfree, a service from eco – Association of the Internet Industry. “Outdated Windows versions such as XP and Vista continue to be widespread, although no further security updates have been provided for several years now.”
Lack of security awareness for IT systems
“WannaCry should serve as a last warning for businesses. Anyone who has still not understood the importance of secure IT systems is jeopardizing their entrepreneurial existence,” says Meyer. Internet users who have not yet installed the patch MS17-010 should not wait any longer. Again, the ransomware WannaCry shows how many people and companies are still using unsafe systems: for example, numerous hospitals in the UK, the Deutsche Bahn in Germany, the U.S. logistics company FedEx and the Spanish telecommunication corporation Telefónica. According to expert estimates, tens of thousands of computers in over 100 countries have been infected with the ransomware WannaCry. Europol is talking about a ransomware attack of unprecedented magnitude. Mikko Hyppönen from F-Secure even calls it the “biggest ransomware outbreak in history.”
Regular updates and backups!
Windows users are the prime targets. WannaCry exploits an older security vulnerability that became known in February, before Microsoft fixed it with a subsequent update in March. To be protected against similar incidents in the future, botfree.eu recommends activating automatic updates in the operating system and creating backups on a regular basis. With the latter, a system can be restored without serious data loss in the case of a ransomware or infection. The backup-data should be stored separately from the actual system because ransomware like WannaCry also spreads to other devices within the network and encrypts them. In addition to backups and updates, companies should also use a professional security package and regularly raise awareness among their own employees of such threats. As in the case of WannaCry, e-mails and their harmful attachments are the trigger of many such infections. Affected companies, authorities and institutions in Germany should contact the German Federal Office for Information Security. Moreover, they should refrain from paying a ransom to the blackmailers. Currently, it is not known whether the payment of the ransom is actually leading to the decryption of data.
For more information about effective protection against ransomware, please visit www.botfree.eu/en/index.html. Botfree is a service of eco – Association of the Internet Industry.