The ransomware that shook the world started on 12th May as a massive cyber-attack unlike any seen before. By now more than 150 countries have reported being affected by the cyber-attack and more than 300,000 machines have been infected with the virus.
The kill switch was a temporary stop which has since been fixed by hackers, and the ransomware is now also called UIWIX. There is now no stopping the malware.
What is Ransomware?
Malicious code that holds the user's servers and machines hostage by encrypting data and demanding a ransom for the decryption key. The encryption is usually strong, and it is impossible to decrypt the files without paying. In other words, if the virus attacks your machine, either you pay or you lose the data on it.
How did it affect India?
India, along with Russia, the UK, Taiwan and Ukraine, is one of the worst-affected countries. Kerala, Kolkata, Gujarat and Andhra Pradesh have reported incidents of computer lockdown.
Though the impact in India has not been massive, it is significant, as it reminds us of the need for better cyber security for our systems. The important thing to understand is that cyber-security is not a joke and should be taken very seriously by governments as well as organizations.
The updated version of the WannaCry ransomware, UIWIX, is even more dangerous as it is unstoppable. The only way to stay protected is updating the security patch.
Things to do to avoid being a victim.
There are certain to-dos which can drastically reduce the chances of you or your organization becoming a victim.
- Update regularly. Treat IT security not as a joke but as something crucial to the overall IT infrastructure. Be it a hospital, an educational institute, a hotel or any other industry, security should be top notch.
- Use the latest anti-virus solutions and ensure they are updated on all the machines. Block IOCs on the AV solution.
- Back up data regularly and keep the back-up firewalls updated. Limit access to minimum personnel.
- If possible, get security audits and tests done at regular intervals to test the vulnerability of the system.
- Ensure IPS signatures are updated.
- Ensure email gateways have all necessary and relevant updates.
- Ensure proxy solutions have an updated database.
- Block the IP addresses on the perimeter firewall.
- Anti-APT solutions (Fortinet). Check for updated signatures and possible internal sources of infection.
- SIEM: check logs to verify whether any of the IOCs have been detected in the last 1 week of logs.
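The SIEM check in the last item, written out as an added example that is not part of the original article: it searches one week of logs for indicators and matches whole tokens, so one IP address cannot match a longer one. The log format, the `sweep` and `normalize` helpers and every indicator shown are constructed placeholders, not real WannaCry or UIWIX IOCs.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed placeholder indicators (documentation ranges, not real WannaCry/UIWIX IOCs).
IOCS = ["192.0.2[.]10", "bad.example[.]invalid", "A" * 64]

# Constructed sample log lines in a hypothetical "ISO-timestamp host key=value ..." format.
SAMPLE_LOGS = [
    "2017-05-08T23:59:59Z fw01 src=10.0.0.5 dst=192.0.2.10 dport=445 action=allow",
    "2017-05-14T09:12:03Z fw01 src=10.0.0.7 dst=192.0.2.10 dport=445 action=allow",
    "2017-05-14T09:12:04Z fw01 src=10.0.0.7 dst=192.0.2.100 dport=443 action=allow",
    "2017-05-15T11:30:00Z proxy01 user=alice host=Bad.Example.invalid status=200",
    "2017-05-16T02:00:41Z av01 file=C:\\Temp\\x.exe sha256=" + "a" * 64,
    "garbled line without a timestamp",
]

TOKEN = re.compile(r"[A-Za-z0-9][A-Za-z0-9.\-]*")

def normalize(indicator):
    """Refang and lowercase so '192.0.2[.]10' and 'hxxp://' forms compare equal."""
    text = indicator.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    return re.sub(r"^https?://", "", text).rstrip("/.")

def sweep(lines, iocs, now, days=7):
    """Return (timestamp, indicator, line) for IOC hits inside the look-back window."""
    wanted = {normalize(i) for i in iocs}
    start = now - timedelta(days=days)
    hits = []
    for line in lines:
        stamp, _, rest = line.partition(" ")
        try:
            when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:
            continue  # unparseable timestamp: skip rather than guess
        if not (start <= when <= now):
            continue
        # Compare whole tokens, so 192.0.2.10 does not match 192.0.2.100.
        tokens = {t.lower().rstrip(".") for t in TOKEN.findall(rest)}
        for ioc in sorted(wanted & tokens):
            hits.append((when, ioc, line))
    return hits

if __name__ == "__main__":
    for when, ioc, line in sweep(SAMPLE_LOGS, IOCS, datetime(2017, 5, 16, 12, tzinfo=timezone.utc)):
        print(when.isoformat(), ioc, "<-", line)
```

Lines whose timestamp cannot be parsed are skipped here; in production they are worth counting and reviewing, since a silent parse failure hides hits.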
Clearly, having a dedicated security expert or agency can help in keeping organizations safe. Logix Infosecurity helps in implementing the latest security measures for your company's IT networks, keeping data safe and backed up and avoiding hassle in such situations.