There is no doubt that ransomware can result in significant losses for business. However, with the recent WannaCry ransomware outbreak that has badly affected at least 25 organisations as well as several NHS services, it’s clear that this latest threat is far more sinister than those which have come before it.
What Makes WannaCry So Aggressive?
WannaCry is ransomware that acts like a worm. Its exploit method, called EternalBlue, exploits a Windows vulnerability in the SMB protocol, used for network file sharing. WannaCry seeks out any vulnerable Windows devices which may be attached to the network, and then quickly replicates itself.
Although Microsoft released a patch for this vulnerability in mid-March, many companies continue to struggle with how to control the infection.
Are You Concerned About Becoming Infected?
If your computers have not become infected, but you are concerned, the best way to protect your company is to ensure that Windows Update MS17-010 has been downloaded and installed on all of the Windows devices that are on your network.
In addition to ensuring the above update has been installed, you’ll also want to update all virus definitions. Disconnection from any and all third-party networks may also be a good idea if you want to ensure full system protection.
Are You Already Infected?
If your company has already been affected by WannaCry ransomware, the only way to effectively remove it is via the complete wiping of any infected hard drives. Once drives have been wiped, files can be recovered from recent backups.
In order to do this properly, any potentially-vulnerable systems must be powered off to contain the spread of the ransomware. Once this has been completed, all security updates should be downloaded before running a full anti-virus scan. Your software should be able to detect WannaCry ransomware, as most AV software has now been updated to do so.
Removal Tool Warning
There are many sites which claim to offer a tool that will remove the WannaCry ransomware from your company’s systems. If considering this route, it’s important to ensure that any site or software from a trusted source.
Keeping Infected Files
Despite WannaCry’s level of destruction, future eradication may be possible if a solution is developed. Therefore, you can also choose to keep your encrypted files until such time that a solution becomes available. This can be done by keeping a backup copy or drive image of infected locations.
Professional Data Wiping Services
If your system has already been infected, one of the best ways to ensure the complete removal of your data is to contact a professional. Our team at Absolute IT have developed a unique, market-leading means of erasing data. We use Blancco, a fully certified data erasure software tool, to eliminate all data from networks and media.
Absolute IT remains committed to the safety of all of the client networks under our care. Our full asset reports, data disposal certificate and certificates of destruction will help you to ensure compliance with regulations and give you peace of mind that your media was dealt with properly.