Security advice in the wake of WannaCry and Not(Petya)

Posted by   Martijn Grooten on   Jun 30, 2017

The recent outbreaks of WannaCry and (Not)Petya have left many users and organizations understandably confused about what to do and how to fend off such attacks. Thankfully, security experts are always happy to give advice. I decided to collect together and compile a list of the most important, and most frequently given, advice.

• Always install software patches, especially those fixing security issues – but be aware that some 'security fixes' are fake and actually install malware, and that sometimes, as in the (Not)Petya case, update mechanisms may be compromised to serve malicious updates.

• Only open attachments in emails from people you know – but note that cybercriminals may forge email addresses from people in your address book, or may compromise their email accounts to send malicious emails, so even if an email appears to have come from someone you know, it may not have done.

• Never enable macros when you are asked to do so – although, to get Adobe Reader to print a PDF document you just downloaded, you will need to ignore the warning and click "Enable All Features".
  
  

• Make sure you keep regular backups to which you have easy access in case of a ransomware infection – but note that the easier it is for you to access your backups, the easier it will be for ransomware to encrypt your backups too.
  
  
• Never pay the ransom – although be aware that, in some cases, paying the ransom may be your only chance of getting your data back.
  
  
• Always upgrade to the latest version of the operating system you are running – although note that software that may be essential to the running of your business or organization may not be compatible with recent operating systems.
  
  
• Follow the advice of security experts – but note that security experts are known to disagree with each other.
  
  

Security. It's complicated.

Latest posts: