What lessons should organisations learn from an international ransomware attack?

DigitalXRAID co-owner, Scott Goodwin, was interviewed on Hallam FM yesterday, discussing the recent international ransomware cyber attack.

He described the nature of the attack and the reasons why the spread has been so rapid and extensive.

“It’s a rude awakening in terms of security. Even today, we have seen that the ransomware used in Friday’s attack has undergone a revision and attacks are likely to increase as a result. Organisations need better support and funding, as we can see that the cyber threat is very real and has affected fundamental infrastructure in the UK. It isn’t desirable to pay criminals to reinstate access to encrypted data, so for the organisations who have been affected, this particular breach is about coming to terms with what has been lost. There are actions which can mitigate against these threats. Patching regimes should be implemented. Anti-virus software must be kept up to date and regular back-ups are essential. In addition, Cyber Essentials is a government backed, industry supported scheme, to help organisations protect themselves against common cyber attacks.”

The National Cyber Security Centre (NCSC) made a statement:

“Since the globally coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday, there have been no sustained new attacks of that kind. But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks.”

The NCSC’s full statement can be accessed on their website: http://ncsc.gov.uk/

DigitalXRAID are an official Cyber Essentials certification body. For more information, or for any advice about the current cyber threat, please don’t hesitate to get in touch.