How to Be Prepared for the Next Cyber-Attack

May 16, 2017

Over the weekend, an estimated 300,000 PCs in 150 countries were infected by the WannaCry “ransomware.” It was the fastest-spreading cyber-attack in history, affecting as many as 9000 machines per hour. While experts around the globe continue to dissect the attack and determine the underlying motive, now is a great time to ensure your business has a solid security posture.

May 2017 WannaCry Ransomware Attack

First things first: The threat is not over — according to experts, another large-scale attack is possible. You should:

  1. Send a communication to end-users telling them about the threat and NOT to click on suspicious emails (this can be done fast to get the word out). Users should NOT open any attachments they are not expecting to receive.
  2. Install MS17-010: It is critical that you install all available OS updates to prevent exploitation of the MS17-010 vulnerability. Microsoft issued the MS17-010 fix in March 2017, so machines that received the March update with MS17-010 are fixed.
  3. Install the emergency Windows patch for older systems: Microsoft issued a one-off security fix for three operating systems that are no longer in support: Windows XP, Windows Server 2003 and Windows 8. Go to the Microsoft Update Catalog, find the corresponding security update, add it to the basket and download it.
  4. Add a notification sentence to each inbound email from external sources that warns the user this is an “Email from External Source.” This serves to heighten user awareness when opening emails and can be set by your email server administrator. 
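
One way a mail gateway filter could apply the external-sender notice from step 4, shown as an added example that is not part of the original post. It assumes `example.com` is your internal mail domain and that the gateway passes the SMTP envelope sender to the filter; `is_external`, `tag_external`, `build_sample` and the sample message are illustrative names and constructed data.

```python
from email.message import EmailMessage

BANNER = "Email from External Source"   # wording from step 4
INTERNAL_DOMAINS = {"example.com"}      # assumption: your own mail domains


def is_external(envelope_from: str) -> bool:
    """True when the envelope sender's domain is not one of ours.

    An empty sender ("<>", used by bounces) has no domain and counts as external.
    """
    domain = envelope_from.rpartition("@")[2].strip("<> ").lower()
    return domain not in INTERNAL_DOMAINS


def tag_external(msg: EmailMessage, envelope_from: str) -> EmailMessage:
    """Prepend the banner to each plain-text and HTML body part of external mail."""
    if not is_external(envelope_from):
        return msg
    for part in msg.walk():
        # Skip containers and attachments; only readable body parts get the notice.
        if part.is_multipart() or part.get_content_disposition() == "attachment":
            continue
        subtype = part.get_content_subtype()
        if part.get_content_maintype() != "text" or subtype not in ("plain", "html"):
            continue
        body = part.get_content()
        if subtype == "html":
            # Simplification: the notice is placed before the existing markup.
            body = f"<p><strong>[{BANNER}]</strong></p>\n{body}"
        else:
            body = f"[{BANNER}]\n\n{body}"
        part.set_content(body, subtype=subtype)
    return msg


def build_sample() -> EmailMessage:
    """Constructed sample message with plain-text and HTML alternatives."""
    m = EmailMessage()
    m["From"] = "Billing <billing@vendor.test>"
    m["To"] = "user@example.com"
    m["Subject"] = "Invoice"
    m.set_content("Please see the attached invoice.")
    m.add_alternative("<p>Please see the attached invoice.</p>", subtype="html")
    return m


if __name__ == "__main__":
    print(tag_external(build_sample(), "billing@vendor.test").as_string())
```

The decision uses the envelope sender rather than the `From:` header because the header is whatever the sender chose to write; a production gateway would normally key on whether the message arrived from outside the organization at all.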

Best Practices Going Forward:

  1. Be hyper-aware of suspicious emails. Educate your staff on basic security dos and don’ts. Host a workshop that covers security fundamentals. We have found such workshops to be beneficial for our team.
  2. Have a solid patching strategy. Those pesky Microsoft updates happen for a reason! At the enterprise level, we’ve helped businesses implement an organization-wide patching process that happens automatically and, more importantly, without impacting users' workday.
  3. Review your data back-up strategy and recovery plans, including segregation of back-up copies from local networks, criticality of systems and data, and recovery processes. Make sure you test your recovery strategy at least once a year.
  4. Review or implement a security incident response plan to ensure everyone in the organization understands their roles and responsibilities, as well as the expectations of remediation timeframes associated with the threat score.
  5. Determine your risk. Have you assessed your systems and security protocols? Understanding your level of risk exposure can help you be prepared to respond and recover in the event you’re affected by a cyber-attack.

Cyber-attacks are the unfortunate norm in today’s business climate. Contact us if our team can be of assistance in helping address any of your security needs.
