I haven’t paid a lot of attention to the recent NHS cyber attack in the news, where the PC’s in many businesses worldwide, including many NHS sites, were shut down by the WannaCry ransomwhere. What has got my attention is the sheer amount of rubbish being spoken in the media, not helped by the fact that its election time. Lack of investment, whose fault it was, etc. etc.
What is Ransomware?
My understanding of this type of virus is that it is likely to be a “Trojan”, which has come from the internet most likely by an email attachment from an untrustworthy source. The attachment contains an executable that silently installs itself on the PC, ready for the time it is set to become active – a timebomb if you like. The idea is to infect as many PC’s as possible before it is activated, to increase the chances of some people who have not backed up their PC’s, paying the ransom so the activation time might be set to months in the future. It may also have come from an untrustworthy website that a user has browsed, but I personally think email attachments are much more likely.
What makes things worse is that anti-virus programs will not detect this until the anti-virus vendors are aware of the specific virus and can issue an update to the anti-virus software (some anti-virus programs keep a track of programs that are allowed to access the internet, I’m not sure if this would have helped in this case, because WannaCry may not have needed to access the internet once it was installed). Another problem is that once one PC in a network is infected, it might be possible depending on the virus and also other network settings, to infect all the PC’s in the network.
Is it Really Down to a Lack of Investment?
Taking the NHS as an example, what can this so called lack of investment pay for, if it was provided? As related previously, I’m not sure that having the most up to date anti-virus would save you in this case, although obviously it is a good idea generally to have an anti-virus program and keep everything up to date (only one anti-virus program though, having many on the same PC is a duplication of effort and can slow down the PC excessively). While you can always argue that extra computer staff would be better, I don’t think that is the solution either. Not having enough money is an easy excuse, at some point you have to think about what actually the problem is and what you can actually do about it.
How to Protect your Business from Cyber Attacks
What is really needed in my opinion are two things and they need not be that expensive because the same concepts could be applied to the whole of the NHS (for example):
- Decent email security via the NHS email servers – this scans for viruses before the email is delivered to the individual PC. I don’t have a package I could recommend, but I do know its possible. I personally have used the 1 and 1 email system for my personal and business emails for years, and its a very good system. There is very little spam, and very few mistakes made in terms of stopping non-spam from reaching my inbox.
- A decent webfilter – a webfilter is a software package that is installed on a network server and which stops users from browsing websites that are not related to the business use of the computers concerned, e.g. news, travel, and especially, messaging and email. Allowing users to browse the internet on work PC’s is not only a source of interruption or distraction and potential time waster for the business concerned (just stopping Facebook would probably half the distraction but I digress), but particularly if email websites are allowed to be accessed it bypasses any email security that the business has set on its email servers, because the attachments on personal emails can also be used to infect PC’s in this way and massively increases the chances of the network being infected.
How to Protect your Home Computer from Cyber Attacks
- Keep your anti-virus software up to date
- Turn on automatic updates on your computer
- Use the best mail server possible with the best anti-spam
- Do not open attachments or click links on emails that could be spam
- Turn on the Windows Firewall in all PC’s in your network, to help prevent contamination from other PC’s.
These points are especially important if you have children accessing the internet in your household. You could consider activating parental controls in your internet router if it has this feature (I personally had two networks at home when I had children at home, because I worked at home and didn’t want my work network being infected from some of the rubbish websites that teenagers look at).
Why have so many PC’s been infected worldwide? Well as related it can only take one attachment opened by mistake in the past six months by one person to infect an entire network. Many users are not that computer savvy, despite all the warnings they will still do it, particularly if the email looks half genuine.
If the solution is as simple as I’ve suggested, why hasn’t it been done in the NHS? Its like anything where many people are concerned, just getting it agreed I think will be the problem in many cases. If the managers use the internet themselves to do their shopping, book their holidays etc, they are unlikely to agree to buying a package that stops them from doing that and worse, can report on internet usage and actually discipline staff for misuse of the company internet access. I wouldn’t be surprised if the attitude was “I work hard, I’m entitled to a bit of free internet time”. Personally I think not having a decent webfilter is a big problem with the number of interruptions or opportunities to access Facebook rather than do any work seriously affecting productivity in many cases, but that’s another subject.