News

WannaCry Ransomware: Latest NCSC Guidance

The National Cyber Security Centre (NCSC) has released its latest guidance note for small business and enterprise users  about the WannaCry ransomware that was behind the much publicised worldwide cyber attack that infected millions of computers. 

Areas affected by WannaCry Ransomware

This guidance note is aimed at supporting businesses to tackle the threat that version 2 of WannCry poses to their cyber security.

The NCSC is aware of a ransomware campaign relating to version 2 of the “WannaCry” malware affecting a wide range of organisations globally.

NCSC is working with affected organisations and partners to investigate and coordinate the response in the UK.  This guidance will be updated as new information becomes available.

From investigations and analysis performed to date, we know that the malware encrypts files, provides the user with a prompt which includes a ransom demand, a countdown timer and bitcoin wallet to pay the ransom into.

What is WannaCry?

WannaCry is a type of malicious software known as ransomware. Ransomware makes your data or systems unusable until the victim makes a payment. Ransomware can also be referred to as malware. Malware stands for malicious software.

How does WannaCry work?

The malware uses the vulnerability MS17-010 to propagate through a network using the SMBv1 protocol. This enables the malware to infect additional devices connected to the same network. This particular form of ransomware was designed specifically to target versions of Microsoft’s Windows operating system.

What can you do to protect your business from WannaCry?

‘WannaCry’ guidance for enterprise administrators can be found here

‘WannaCry’ guidance for small business users and home users can be found here

What to do if your business has been infected with ransomware

The NCSC has also advised that you take appropriate action if you believe you have been infected by ransomware, There are a number of sources of further advice and guidance:

  • The National Crime Agency encourages anyone who thinks they may have been subject to online fraud to contact Action Fraud at www.actionfraud.police.uk.  It is a matter for the victim whether to pay the ransom, but the NCA encourages industry and the public not to pay.
  • The National Cyber Security Centre (NCSC) runs a commercial scheme called Cyber Incident Response, where certified companies provide crisis support to affected organisations.
  • The Cyber Security Information Sharing Partnership (CiSP) offers organisations in the UK a safe portal in which to discuss and share intelligence that can assist the community and raise the UK’s cyber resilience. We encourage our members to share technical information and indicators of compromise so that the effects of new malware, and particularly ransomware, can be largely reduced

How can I show my business is cyber secure?

Business certification is available to show potential clients or buyers that your organisation is cyber secure through the Cyber Essentials certification. Under this scheme, which is backed by Government and supported by industry, organisations can apply for a badge which recognises the achievement of government-endorsed standards of cyber hygiene.

For more information on Cyber Essentials and how this can support you to win contracts with the Military of Defence in the UK check out more information here

Free Tender Search

Recent Posts

 

Who are we?

From publishing the first national directory of public sector contracts, to being the first to market with our online Tracker solution, we have been the true pioneers of technology and innovation in the public sector marketplace. Throughout our 39 years, we have continued to evolve and chart new territory – placing our customers at the heart of everything we do. Take your business to the next level with Tracker now.

Try out DCI Today

Try out DCI Today

    BiP Solutions owns Tracker and we look after your details carefully. We offer a range of products, services and events (some of which are free) that help buyers tender more efficiently and suppliers find, bid for and win public and private sector contracts. Only tick this box if you wish to receive information about these. We will never share your details with third parties and you will have the opportunity of opting out of communications every time we contact you. For further details, please see our Privacy Policy