Take These Steps So You Never “WannaCry” Again
By now we all have heard of—or perhaps been impacted by—the recent global ransomware attack WannaCry. Brazen in its impact and reach, WannaCry left many institutions scrambling to bolster their cyber security and prevent future incursions into their IT infrastructure. Particularly vulnerable were institutions within the public sector—local government, public administration and public safety agencies; healthcare providers; and nonprofit organizations—whose technology infrastructure often consists of a patchwork of systems that are outdated and cumbersome. This arcane framework then became their Achilles heel, a weak spot riddled with safety gaps ideal for exploitation by hackers.
A type of malicious software, WannaCry blocks access to data until a ransom is paid. In this case, the program enters systems through a downloaded file sent by email. Once clicked, the program encrypts files onto the system and demands payment to receive a decryption key to unlock data.
However, by following a few best practices recommended by our IT team here at Superion, businesses and organizations—and the individuals who run them—can avoid becoming paralyzed by the next ransomware attack.
- Be vigilant about updating software and installing appropriate security patches. As WannaCry showed, most victims were using outdated software running on older, obsolete versions of operating systems.
- Take a good look at how you are protecting yourself and your business from phishing attacks. Do you know how to spot one? One good rule of thumb, be wary of emails with embedded links, even if you think they came from a trusted source. You can check by hovering over the email link to see if the address is what you expect or out of the ordinary. Communicating directly with the purported sender to confirm if he/she sent the message, or reaching out to your IT department for guidance are also good practices.
- Have solid security measures in place. What does that mean? Whenever possible, use two-factor authentication such as a password and mobile phone. Never reuse passwords or use overly simplified ones. No matter what you think, 12345 and password1 are never secure passwords.
- Be prepared for any scenario with backups of everything. For most of us, that could be as simple as purchasing a $60 hard drive and uploading the contents of your computer. Keep it at your sister’s house or somewhere across town or out of state in the event of a natural disaster. Schedule a regular handover to refresh the backup monthly, weekly or whatever is feasible. While the cloud offers secure, virtual storage, it too has been susceptible to hacks.
These are some simple steps we all can take to be sure we don’t count ourselves among the dreaded digital-hostage statistics we often read about today. For our partners in public service, we hope you continue to see the value of our Superion innovations and customer service.
Take a few moments to read these recent articles, and let us know how we can help you power a better public experience.
Charles AlmyChief Information Officer