Cyber attacks: what you need to know
PUBLISHED: 14:33 16 May 2017 | UPDATED: 14:33 16 May 2017
This content is subject to copyright.
The National Cyber Security Centre release the following advice following the recent cyber attacks in the UK and globally
Since the global coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries, there have been no sustained new attacks of that kind. But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks.
The national focus must therefore be on two lines of defence:
1. Limit the spread and impact of the attacks that have already occurred. Due to broad government and partner efforts, a variety of tools are now publicly available to help organisations to do this. This guidance can be found on the National Cyber Security website – www.ncsc.gov.uk – under the title Protecting Your Organisation From Ransomware: www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance. Regular updates can be found on Twitter (@ncsc).
2. It is possible that a ransomware attack of this type and on this scale could recur, though there is no specific evidence that this is the case. What is certain is that ransomware attacks are some of the most immediately damaging forms of cyber attack that affects home users, enterprises and governments equally.
It is also the case that there are a number of easy-to-implement defences against ransomware which very considerably reduce the risk of attack and the impact of successful attacks. These simple steps to protect against ransomware are not being applied by either the public or organisations as thoroughly as they should be.
Three simple steps for companies to undertake include:
1. Keep your organisation’s security software patches up to date
2. Use proper anti-virus software services
3. Most importantly for ransomware, back up the data that matters to you, because you can’t be held to ransom for data you hold somewhere else.
Home users and small businesses can take the following steps to protect themselves:
1. Run Windows Update
2. Make sure your AntiVirus product is up to date and run a scan – If you don’t have one install one of the free trial versions from a reputable vendor
3. If you have not done so before, this is a good time to think about backing important data up – You can’t be held to ransom if you’ve got the data somewhere else.