A CORK cyber security expert has reminded businesses and computer owners to secure their systems in the wake of a global cyber attack that has now spread across 150 countries.
The ‘WannaCry’ cyber attack began last Friday and has continued over the last 24 hours, targeting banks, transport networks, hospitals and businesses across the world.
By using a combination of ‘ransomware’ and exploiting vulnerabilities in the Windows system, WannaCry spread to up to 200,000 devices, although there are fears this number may rise as the full-scale of the attack is realised.
It’s unusual to see this form of malware on such a large scale, according to Robert McArdle, a threat research expert with Trend Micro, the Cork-based global leader in IT security.
There were two important aspects to this attack, he added.
“The first part of this attack used ransomware, which is encrypting important files and demanding a ransom for their release. That’s nothing new, we’ve seen this before,” he said.
But it was the way this attack spread that makes it different, according to Mr McArdle.
“It required little-to-no user interaction to do so,” he said, adding that this allowed the virus to spread rapidly between computers on the same network.
“It used a vulnerability in Windows but Microsoft released a fix for this two months ago,” Mr McArdle said.
“In the case of companies who delayed this update, they could be the ones who are affected.”
When asked what should be done to ensure your system is safe against this or future attacks, Mr McArdle said: “The sad thing is there isn’t anything different, it’s age old advice - make sure your system’s software patches are up-to-date and your antivirus software is also up-to-date,
You need to have a good backup system in place, preferably multiple backups. That way, if you do get hit, you have a few options on how to restore.”
Mr McArdle also advised not to pay any ransom, if it is demanded, should your files be compromised during a cyber attack.
“It is literally an extortion scheme. When you’re paying money, you’re paying money to criminals. Our advice is generally not to.”
Meanwhile, the HSE confirmed its system will remain offline for 48 hours from Monday to isolate itself against the attack.
As a precaution, emails were blocked on Friday and remain blocked as vulnerable systems’ patches are updated.
Just one infection has been detected in Ireland so far, at a healthcare facility in Wexford. This has since been isolated.
High profile victims of the WannaCry attack include the U.K’s National Health Service, the Deutsche Bahn, FedEx, Russia’s ministry of the interior, Renault and Telefónica.