There is no doubt that ransomware can result in significant losses for business. However, with the recent WannaCry ransomware outbreak that has badly affected at least 25 organisations as well as several NHS services, it’s clear that this latest threat is far more sinister than those which have come before it.
What Makes WannaCry So Aggressive?
WannaCry is ransomware that acts like a worm. Its exploit method, called EternalBlue, exploits a Windows vulnerability in the SMB protocol, used for network file sharing. WannaCry seeks out any vulnerable Windows devices which may be attached to the network, and then quickly replicates itself.
Although Microsoft released a patch for this vulnerability in mid-March, many companies continue to struggle with how to control the infection.
Are You Concerned About Becoming Infected?
If your computers have not become infected, but you are concerned, the best way to protect your company is to ensure that Windows Update MS17-010 has been downloaded and installed on all of the Windows devices that are on your network.
In addition to ensuring the above update has been installed, you’ll also want to update all virus definitions. Disconnection from any and all third-party networks may also be a good idea if you want to ensure full system protection.
Are You Already Infected?
If your company has already been affected by WannaCry ransomware, the only way to effectively remove it is via the complete wiping of any infected hard drives. Once drives have been wiped, files can be recovered from recent backups.
In order to do this properly, any potentially-vulnerable systems must be powered off to contain the spread of the ransomware. Once this has been completed, all security updates should be downloaded before running a full anti-virus scan. Your software should be able to detect WannaCry ransomware, as most AV software has now been updated to do so.
Removal Tool Warning
There are many sites which claim to offer a tool that will remove the WannaCry ransomware from your company’s systems. If considering this route, it’s important to ensure that any site or software from a trusted source.
Keeping Infected Files
Despite WannaCry’s level of destruction, future eradication may be possible if a solution is developed. Therefore, you can also choose to keep your encrypted files until such time that a solution becomes available. This can be done by keeping a backup copy or drive image of infected locations.
Professional Data Wiping Services
If your system has already been infected, one of the best ways to ensure the complete removal of your data is to contact a professional. Our team at Absolute IT have developed a unique, market-leading means of erasing data. Our mobile data erasure and media destruction vehicle can wipe any type of media, from hard drives to laptops, and server infrastructure to USB keys. We use Blancco, a fully certified data erasure software tool, to eliminate all data from networks and media.
Our secure mobile vehicle is also equipped to provide a range of solutions beyond data erasure. We offer secure media destruction, which can shred even hard drives to 6mm particulate. For media that has reached its end-of-life, we offer secure office boxes, which can be ordered from us and delivered to your location. You fill them with your unwanted media, and when full, contact us. We arrive at your location with our secure mobile vehicle to commence destruction of your unwanted media.
Absolute IT remains committed to the safety of all of the client networks under our care. Our full asset reports, data disposal certificate and certificates of destruction will help you to ensure compliance with regulations and give you peace of mind that your media was dealt with properly.