Hide this You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
Today's Most Read

Here Are A Few Ways To Save Your Data From Ransomware

Indian National Cyber Security Advisor has claimed about 100 systems were attacked in the country
Here Are A Few Ways To Save Your Data From Ransomware
Image credit: Shutterstock.com
  • ---Shares
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
Free Webinar | August 16th

Find out how to optimize your website to give your customers experiences that will have the biggest ROI for your business. Register Now »

On May 12, computers and organisations in as many as 104 countries were put to risk by a new strand of ransomware. This new ransomware christened “WannaCry” was found to be propagating through a Windows SMB vulnerability affecting all versions of Windows.

Since windows is the most widely used OS around the world, more than 200,000 systems worldwide were affected. However, conservative estimates by Avast and F-Secure suggest roughly 120,000–130,000 systems being affected worldwide. Apart from being the most widespread ransomware, it also had an anti-climactic ending. To evade sandboxes and potential reverse engineering techniques, the ransomware is connected to a non-existent domain. If it didn’t receive a legitimate response from that server, it would encrypt the victim’s files otherwise it won’t. A malware analyst registered the domain out of curiosity and the outbreak of “WannaCry” stopped.

Now, you may be wondering how did it spread across the world and who all were affected. For starters, it used the exploit developed by NSA to connect to every windows machine using the SMB service. Russia and India were some the worst affected countries. The targets of this attack ranged from banks to ATMs and healthcare systems.

In India, National Cyber Security Advisor, Mr Gulshan Rai, who works out of the Prime Minister’s Office claimed about 100 systems were attacked in India including Police and Health department computers of various states.

To protect your systems from such attacks, here are a few countermeasures:

  1. Patch all vulnerable versions of Microsoft. Microsoft has released critical patches to this bug, ahead of their Patch Tuesday. Everyone is advised to download and patch their systems from official website of Microsoft-
  2. You can block SMBv1 by navigating to Control Panel->Programs->Turn Windows Features On or Off. Here you can simply uncheck the box against SMB 1.0/CIFS File Sharing Support
  3. Update your antivirus and anti-ransomware definitions regularly.
  4. Use open source OS like Ubuntu, Redhat and OpenSUSE.
  5. Regularly backup your critical data. In the advent of a ransomware attack, backups are the only way one can minimise the damage.
  6. Train your employees in the basics of cyber hygiene. Estimates suggest that 90% of such data breaches and malware attacks can be averted if employees follow proper cyber hygiene.
  7. Regular Vulnerability Assessment of your applications and IT infrastructure. This could reveal backdoors, unpatched vulnerabilities and other weaknesses of your IT infrastructure.

As they say, prevention is better than cure. So is the case with IT health of your organisation. It is always in your organisation’s best interest to adopt proactive cyber security measures than waking up to a ransom note, paying 10s of Bitcoins as ransom and fuelling the underground economy.

 
Edition: July 2017

Get the Magazine

Get the monthly dose of Entrepreneur delivered to you.
Subscribe Now
OK

This website uses cookies to allow us to see how our website and related online services are being used. By continuing to use this website, you consent to our cookie collection. More information about how we collect cookies is found here.