There has been a lot of information circulating about recent virus outbreaks that have hit large organisations such as the NHS, manufacturing and Telecoms for example. People are banding about the terms WannaCry (the name of the virus in this instance) and ransomware and causing a panic about a situation that whilst important has not changed just with the recent outbreak.
There are two main ways that a virus will propagate. The first is by fooling someone into running them. Generally, they pray upon statistics. If you send an email to enough people mentioning a recent purchase on a popular website (such as Amazon), some people will have done this and this naturally will cause them to let their guard down. They might open an invoice attached to said email and infect themselves.
The second method is to use an exploit within certain software itself. This causes it to behave in a way that allows the virus access in a way that is not typically allowed.
A Virus can do a multitude of different things, but the overriding commonality between them all is that they can cause a disruption to your business.
You can however both reduce the likelihood of getting affected whilst mitigating the damage it could cause if you were to get infected.
- Training staff members to vigilant of all attachments and links from unsolicited emails even from family, friends or colleagues. If you receive an email with very unspecific information “have a look at this” should raise suspicion. If in doubt reply by simply asking the sender “did you send this”? A real person will respond, a virus will not.
- Be aware when clicking on links within emails or documents. Some will hide the site they go to. Hovering over any links will show you the actual site it will go to, if it looks suspicious do not click on them. If the site it takes you to asks for usernames and passwords be wary. Check the address is correct and know that people might use addresses that are very similar (or misspelled) to fool people. Another common trick is a page might hide the address bar so you can not verify you are in fact on the wrong page.
- Updating your software to supported versions and regular patching will help reduce the chance of exploits within the software itself. This method of propagating is much more dangerous because it allows programs to spread at the speed of computers rather than people.
- Running a virus checker on client PC’s that is up to date will help reduce infections. Known viruses are stopped from executing, preventing it from doing any damage and spreading.
- Organisations should think about security at all entry points to their systems. Be it from the web (use a firewall capable of detecting and stopping threats), emails (having email protection for spam and viruses), endpoint protection, as well as potentially preventing viruses from user carried devices (such as CD/DVD) or USB devices.
However, be aware that even with up to date systems and a multitude of layered security, there is always the potential to be infected. Therefore, make certain that you are backing up required systems and information and that those backups are both complete and stored in a safe location. Organisations should also consider a virus outbreak as part of any business continuant plan.
Author: Mike Caley, Cloud Infrastructure Engineer