On Friday 12th May 2017 a new strain of ransomware called WannaCry globally targetted Windows Computers in at least 70 countries, causing major disruption to large organisations such as the UK’s NHS.
Once infected WannaCry encrypts data files and ask users to pay a $300(US)+ ransom in Bitcoins. A ransom note indicates that the payment amount will be double after 3 days. If payment is not made after 7 days, the encrypted files will be deleted.
Best Practice for users to stay protected against ransomware
Staying secure against ransomware isn’t just about having the latest security solution. Good IT Practises, including regular training for employees is essential. Make sure that you follow these best practises:
1. Create unique, hard to guess passwords and change them frequently
Your password is the first line of defence against hackers. Make sure you follow these rules to create a strong password:
- At least 10 characters’ long
- Include the following character types: lowercase letters, uppercase letters, numbers, and symbols.
- No single words in any language, slang or dialect
- Are not based on personal information, names of family, etc.
Don’t share your passwords and avoid writing them down.
Password protect all devices including mobile phones.
Don’t use the same password for everything.
Regularly change passwords every 30 – 60 days.
2. Be cautious about unsolicited emails and attachments.
Emails are one of the main infections methods. Be wary of unexpected emails especially if they contain links and/or attachments. Don’t enable macros in documents attachments received via email. Microsoft deliberately turned off the auto-execution of macros and made it default many years ago as a security measure. Only open emails and attachments from trustworthy, known sources. Always best to contact the sender via phone call if unsure. Stay up-to date with Microsoft Office versions and patches.
