It is being widely reported that a new wave of cyberattacks is currently hitting companies and governments. The attack has spread around the globe in a matter of hours, affecting the Ukrainian government, Russian enterprises, and other companies throughout Western Europe. Just like the WannaCry ransomware that struck worldwide in May, the new attacks apparently involve malware that encrypts or otherwise restricts access to computers and systems—and apparently the malware exploits some of the same vulnerabilities as WannaCry. Like a typical ransomware attack, the attackers demand that the victims pay to receive the decryption key or to otherwise recover access to the compromised machine.
As we noted in May after the WannaCry attacks, it was highly likely that ransomware would continue to be weaponized and used against numerous companies at once. Less than two months later, here we go again. These attacks are a wake-up call; it should be abundantly clear by now that global attacks are becoming a new normal. We do not, however, counsel despair. To the contrary, our team is working with companies around the world to help them be more resilient in light of these evolving threats. In the face of these increasing risks of attacks, there are a number of key steps that a company can take to protect itself from the inevitable next wave of attacks, including:
- Make sure software patches are routinely applied.
- If possible, only use supported operating systems and other software.
- Utilize antimalware and antivirus software tools and services.
- Back up your critical data.
- Train your employees on how to spot phishing emails.
- Create a cross-functional incident response plan.
- Practice responding to a ransomware attack in a tabletop exercise so that you can hit the ground running when this type of event occurs.
- Establish or enhance relationships with law enforcement and other critical partners.