How can the WannaCry virus hurt HE?

Probrand’s Mark Lomas outlines the key steps a higher education organisation can take to prepare for a potential cyber attack

As you know, a few weeks ago, everyone was reminded of the importance of investing in online security measures after the WannaCry ransom attack hit organisations right across the world. So far more than 200,000 computers in 150 countries are reported to have been affected by the relatively unsophisticated WannaCry ransomware attack – from the NHS to Telefonica, Nissan, Renault, and FedEx amongst others.

With experts warning of a potential second wave of indiscriminate ransomware attacks later this week, leaders everywhere are taking urgent action to protect their organisations. In higher education, that includes protecting your students as well admin and teaching staff.

But what steps can be taken to protect against the threat of ransomware? To explain, here I’ve outlined some of the things to know and steps to take as a higher education organisation to prepare for this imminent threat.

What is ransomware?

Ransomware is a type of infection that infiltrates your computer and holds your documents and data for ransom. Wannacry is the name for the variant of ransomware used in this latest world-wide attack, which is encrypting data and demanding payment in exchange for its release.

With ransomware, you’ll usually experience a locked screen with a message pop-up demanding you pay a specific amount of money within so many days or face losing your files for good. I want to highlight here that it is NEVER advisable to pay cyber-criminals in exchange to get your data back. Firstly, because it encourages them to continue the pursuit of this type of activity, and secondly, you cannot trust that they will return anything to you – being unknown as they are.

What motivates the cyber criminals to use ransomware?

Those behind ransomware attacks are hoping to benefit financially from their efforts. The hidden criminals are looking to extort money from organisations and individuals by using their treasured data as ransom. It’s important to note here that they don’t discriminate either – as we’ve seen with WannaCry already, they don’t avoid the NHS, charities, the elderly – the ransomware will infect anyone who is vulnerable, no matter who they are.

The main lesson learnt from the WannaCry attack is that older, outdated systems that haven’t been subject to regular maintenance are going to be more vulnerable in a cyber-attack

How might we find ourselves subject to an attack?

The main lesson learnt from the WannaCry attack is that older, outdated systems that haven’t been subject to regular maintenance are going to be more vulnerable in a cyber-attack. For example, Windows 7 was the operating system that the majority of the WannaCry attacks took place on. If these systems were not kept up-to-date, computers will have ben susceptible to known vulnerables. Human error, however, is the most common chink in an organisation’s armour. Emails encouraging you to click on links that entice you to download a hidden virus are a common tactic among cyber criminals.

Steps to protect yourself immediately and moving forward

Educating staff about the number of ways they could be targeted by a cyber-criminal is a critical step in protecting your organisation. Ensure that everyone knows what to look for to spot an email scam and nurture a cynical, cyber-savvy mind set so they don’t believe everything they read!

Second, make sure that across the organisation, all computer systems are up-to-date – that includes the odd back-room desktops. Just because they aren’t used very often does mean that no longer offer a vulnerable attack point for cyber criminality. To make sure your university, school or college is as secure as it can be, take a look at the full cyber safety checklist below:

1. Patch, patch, patch. This means ensuring that all software across the organisation, whether it your Windows operating systems or an individual desktop app, is up-to-date with the latest ‘patch’ in place. If you aren’t sure whether this is the case, seek the help of a professional.

2. Educate all staff and students. Be extra vigilant of unexpected emails and simply delete them when these come through. Most attackers gain access via email so check that your spam filters are operating correctly – if you still have a lot of spam coming through in general, take action.

3. Data back-ups. Ensure that across your organisation you are conducting frequent data backups. This can help you restore operations more swiftly should a cyber-attack take place. Whether it’s hourly, daily or weekly, make sure information is regularly being backed up either in the Cloud or onto external hard drives.

4. Anti-Malware. Check you have robust Anti-Malware which incorporates anti-cryptography capabilities to ensure that, even if your AntiVirus is not completely up-to-date, the ransomware will still be blocked.

5. Conduct a full security assessment. This will expose and remove security loopholes and review external vendor policies in case they have access to the network. Also, ask your IT maintenance team to carry out a full audit of installed software, double checking your firewalls.