As I’m sure you already know, Friday, 15 May, saw the beginning of a global ransomware attack, hitting hundreds of thousands of businesses around the world. Like most companies, we have taken stock of the situation and sent some simple instructions to our staff so that we can avoid becoming infected.
We would like to share these with you, but before we do that, we cannot stress highly enough the importance of having a good email scanning system in place to avoid malicious content ending up mailboxes and web filters to block dangerous sites in your browsers.
- Use strong passwords. Companies are often subject to brute-force attempts on their servers, and whilst these can be blocked, it just takes someone with “password123” or “Passw0rd!” as their password for someone to break in, no matter how much security is placed on your servers.
- Be very careful what links you click on in an email. Just because it looks like an email from Amazon or eBay, for example, doesn’t mean that it is from them. Phishing attacks are on the increase. Likewise, with links to content on sites – don’t click on them if you are not absolutely sure. You never know what you’re connecting to.
- If you get an unusual, odd, or suspicious email purporting to be from someone you know, stop, and think about why you’ve received the email, and if you aren’t sure, contact the person directly. Do NOT hit reply to a suspicious email, as if it’s a phishing attack you’ll just reply to the perpetrators.
- Do not run or install software on your company PC that shouldn’t be there.
- Make sure your PC is up-to-date with the latest patches and updates. Don’t turn off the automatic updates. Most updates include security fixes, so it’s important to keep up with these.
- Reboot or shut down your PC every night. It might be a pain every morning to start your programs all over again, but it’s one of the simplest protections.
- Ensure you are using an up-to-date anti-virus and/or anti-malware suite. This is vital.
If you think you may have an infection, speak to someone in the tech teams. Don’t risk ignoring it. It happens to us all at some point or other, and early intervention can prevent a bad situation becoming a crisis.
- Finally, apply some good old-fashioned common sense. If it looks too good to be true, it probably is. Stay away from sites you shouldn’t be going to with a work PC or during work hours. Stop and think before clicking on that link in an email, attachment, or website.
We hope you find this useful and that you are enjoying a normal, productive day.