How we help

Technical consultancy

Assurance & Security

Innovation

Getting AI Ready

Adopting AI can seem complex, but it doesn’t have to be. The secret to successfully implementing AI is putting the right foundations in place.

Find out how

What we do

Getting AI Ready

Adopting AI can seem complex, but it doesn’t have to be. The secret to successfully implementing AI is putting the right foundations in place.

Find out how

Explore

Ransomware Tips: top 10 tips to keep your business protected

Ransomware NHS emergency 704x

Cyber apocalypse averted, it’s now time to take stock of last weekend’s global Wanna Decryptor ransomware cyber-attack, and work out how you can make sure your business doesn’t end up in the same state of crisis as the NHS did.

How the NHS fell victim to ransomware

It was no secret that the NHS was vulnerable to attack. UK defence secretary Michael Fallon has said the NHS was warned on “multiple occasions”. The NHS’s own head of security, Dan Taylor, last year highlighted the risks of unsupported operating systems and reduced funding. And ransomware attacks are nothing new for the NHS. Even before this weekend’s attack, around 30 NHS trusts in England had already been held ransom to cyber blackmail.

Dan Taylor highlighted seven known data security challenges in the NHS:

  • Unsupported OS browsers
  • Inappropriate staff training
  • Poor leavers, movers and changes processes for staff
  • Too many privleged system accesses
  • Significantly reduced investment funding
  • Limited situational awareness of cyber preparedness locally
  • Social engineering – sophisticated spear phishing

In this instance, it was the NHS’s failure to apply the March Windows OS update that left them exposed to Wanna Decrpytor. Unfortunately, this is unlikely to be the last of such attacks on the NHS.

What is ransomware?

Ransomware is used by blackmailers to demand payment from their victims in return for the release of their hijacked computers or systems. It can spread in many ways such as a link in an email or PDF, or a password-encrypted ZIP file which contains a PDF. These emails are sent under various guises, such as fake invoices, job offers, security warnings and undelivered email. Basically, the blackmailers encrypt your files so you can’t access them, then demand payment for the encryption key.

Our top 10 Ransomware tips to keep your business secure

Talk to our experts

Get a call back from one of our team to talk about your business.

  • Cloud Direct needs the contact information you provide to us to contact you about our products and services. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.
  • This field is for validation purposes and should be left unchanged.

Read more like this