The 2017 WannaCry malware infection that spread like wildfire among businesses big and small made us all sit up and take notice. It reminded us that we're all at risk from cyber crime, and the impact it can have is of the business-killer variety.
Duncan Hughes, Systems Engineering Director at A10 Networks explains how small businesses can protect themselves against malware attacks like WannaCry, by following these best practices.
Download the latest patches
Update your operating system to the latest version and install all patches.
Doing so regularly will ensure your machine stays safe from unwanted malware and other vulnerabilities that attackers tend to exploit.
To protect against WannaCry, newer Windows versions can be patched with MS17-010, which Microsoft released in March (they released a patch for older systems in May).
Beware of phishing emails
While it's uncertain whether WannaCry uses phishing methods to gain a foothold on target machines, many ransomware attacks use phishing emails that contain a malicious link or attachment that will infect your machine.
Avoid clicking or opening any such attachment.
Back up your files
Regularly create and keep secure backups of your most important files and data. If your machine becomes infected, you'll then be able to easily restore your data.
Use up-to-date antivirus
Ensure you have the most up-to-date version of antivirus software that can thwart the latest types of viruses and worms, such as ransomware attacks.
Instil a security-first culture
Introduce and encourage a culture of cyber security diligence in your organisation. Enforcing simple tasks such as locking work stations, securing laptops, using strong passwords and alerting employees about phishing scams and other attacks can help prevent the spread of malware through an organisation or network.
Have a 'defence-in-depth' strategy
A10 Networks encourages using best-of-breed solutions for robust security and defence against the evolving threat landscape.
Having multiple layers of security increases the chances of catching and eradicating malware like WannaCry before it has the opportunity to wreak havoc.
A multi-layered defence will also mitigate the risk of any single device being compromised and being rendered ineffective.