London, UK, 12 May 2017 – You will all have seen the news today regarding a global ransomware attack that has hit many NHS trusts in the UK. Despite initial reports, this attack is not specific to the NHS but is targeting all organisations with unpatched systems. There are several ways to defend against such an attack, such as ensuring you have valid backups of your data; not opening suspicious attachments in emails and ensuring patching is up to date.
If you’re struggling to identify the vulnerable assets on your network, our partners Tenable are offering a free 60-day trial of Tenable.IO – to take advantage of this offer and gain visibility of all the assets on your network, register here.
Sapphire are urging all organisations to take precautionary measures against this ransomware attack by following the steps below:
- Ensure that all your devices are patched to the latest version of operating systems (specifically Microsoft)
- Patch all 3rd party applications to their latest versions
- Be vigilant in any use of email, specially containing attachments or links – urge your users to do so
- Remind your users – if they are in any doubt – do not open the email
- If your IT department or users want to check an attachment use a reliable source such as: https://threatemulation.checkpoint.com/teb/upload.jsp
- Do you allow your remote users VPN Access? If so, you may want to disable this for the next day or so until you are fully protected against the attack
- Port 445 should not be exposed unless needed
- Make sure IPS protections where available are up to date to prevent propagation
- Remind your users – If they notice anything unusual over the weekend to call their helpdesk directly or your emergency number directly
- Make sure your Backups are in order, if preventative actions fail, recovery is vital
Sapphire’s consultants are available to help, if you have any concerns about the security of your environment, please do get in touch. We offer consultancy, patch management solutions, forensic services following a security breach, anti-malware solutions and moving forward awareness and education for end users.
#breakthekillchain – contact Sapphire on firstname.lastname@example.org