Five tips to keep your business safe from the next global cyber worm

Pete Turner from Avast shares his tips on how to stay secure

This is a contributed piece from Pete Turner, Consumer Security Expert at Avast


The recent WannaCry ransomware attack has been one of the most prolific cyberattacks to hit the internet in recent memory, with over 250,000 attacks tracked in more than 150 countries. 

Whether you were affected or not by the attack, it’s important to remember that cyberattacks, and ransomware in particular, are on the rise. Here are some simple security best practices which can help you bulletproof your business against future attacks.  


Tip 1: Keep all your business software up-to date

Whatever software products you use, ensure that you always install the latest updates as these almost always contain security fixes and patches. This will help keep your business devices protected against attacks which seek to exploit a vulnerability in an older version of the software, as was the case with the recent WannaCry worm.

The rapid spread we saw with WannaCry was enabled by the failure of many businesses to apply a patch for the vulnerability it exploited, known as MS17-010.  Microsoft had made this available some months previously for its supported and, in an unusual step, also its unsupported, older OS versions. It’s clear that any worries about the disruption that could be caused by updating software should be weighed up against the very real, increased risk of cyber-attacks.

Relying on companies such as Microsoft to continually offer support such as patches to address security flaws for older, unsupported operating systems is ultimately naïve. Software companies sensibly recommend users should upgrade to the newer, safer versions of the software they have made available. It only takes one vulnerability to bring down your IT system or for someone to take control of it. The latest software updates will ensure that the likelihood of this happening is kept to an absolute minimum.


Tip 2: Install and maintain a good antivirus

Many threats today can be easily prevented with a good security and antivirus package. There are plenty of affordable and scalable antivirus packages available to businesses that can be installed to tackle the latest ransomware threats. They normally require a small annual subscription, and offer a variety of features that you can match to your business needs and the size of your network.

Many antivirus packages provide a feature that blocks websites that could potentially pose a threat to the cybersecurity of a business, such as malicious domains or websites that are hosting malware on the site. Website filtering immediately helps to protect employees from accidentally accessing known malware or phishing sites, and can be customised as required.

It’s not just computers and smartphones which can be affected by malware. With an increasing number of Internet of Things devices including tablets, cameras, printers, storage devices and of course routers, it is essential that they too are adequately secured. Research we conducted at Avast found that 47% of routers in the UK were unsecured and open to attack or else had a software vulnerability that could be exploited.

Depending on the size of your business and number of devices that need secured and managed you can choose to buy your security products directly from the website and manage them yourself. Alternatively, a reseller can be a great resource in providing not just the software but also the expertise to remotely manage updates and security patches so that you don’t have to.


Tip 3: Regularly back up files

If your files have been encrypted by ransomware, there isn’t a lot you are able to do following the attack. Even if you pay the ransom, there is no guarantee you will get your files back intact. In the WannaCry example, the claim that files would be deleted if a ransom wasn’t paid turned out to be fake but it encouraged victims to pay up nonetheless. To avoid this situation as much as possible, one action you can take is to perform a recovery from back up.

However, this ‘get out of jail free’ card will only benefit users who are regularly backing up files so should you lose data to ransomware, then you can access a recent copy of the files you have lost. Establishing a regular update process for important files is a good habit that will help mitigate any effects should you be unfortunate as to fall victim to ransomware.


Tip 4: Keep control over your critical data and systems

Limiting staff access to certain data and files can significantly reduce the impact of a ransomware attack on any given business, by reducing the data encrypted to only what is available to the affected user via their user privileges. The reach of the ransomware is then isolated and unable to spread to cause much further damage.

Similarly, it’s good practice to restrict staff from installing anything without system administrator permission. This reduces the risk of accidentally downloading malicious apps and software from suspicious websites which could contain ransomware. Any frustrations from staff at not being able to gain immediate access to something they know to be safe should far outweigh the potential harm that could be caused from unwittingly infecting the business. Consider placing a system administrator in charge of confirming downloads and installations if you don’t already have a process in place.


Tip 5: Educate employees on how to avoid security threats

Many security breaches are actually not caused by IT issues. In fact, it’s often the case that employees are the weakest link because so many security threats are socially engineered to trick people into downloading malicious software.

For example, it could be a case of an email with an attachment or link in it which comes from an unknown person or even a colleague but looks convincing. Or it could be a pop-up on a familiar website that encourages you to down a software add-on or an update for existing software you have – but in fact these are malicious files. This technique is known as a drive-by download.

In the past, poor grammar or unbelievable offers were hallmarks of trick emails or pop-ups but it’s increasingly the case that these are becoming more sophisticated and hard to spot. Publicly available personal data can be used to mimic a victim’s writing style so that when it is sent to contacts on that victim’s behalf, it looks more legitimate and is more likely to fool them.

Delete these emails or mark them as junk. Never reply to them, or you will receive many more, as responding will only validate your email address as a real target.