Cybersecurity – Global Ransomware Attack
Ransomware can be a very effective means of breaching IT security to extort money by encrypting data or otherwise making data inaccessible to its owners and users. Organisations need to stay one step ahead of cyber criminals to be able to prevent an attack, or to minimise the impact if they fall victim to a security breach.
The latest global cybersecurity attack — known as WannaCrypt or WannaCry — exploits vulnerabilities in older versions of Microsoft Windows to lock users' files and demand a ransom to release them. So far, it has claimed an estimated 200,000 victims in around 150 countries.
Fortunately for Australia, we’ve been spared the brunt of this attack because it unfolded during our weekend, so ransomware emails were less likely to be opened to spread malware through corporate IT systems. However, copycat variants of the malicious code have also started to spread, so the risk has not yet been entirely contained.
Employee Engagement is a Vital Defence
This ransomware event clearly demonstrates that employees can be a weak link in your cyber defences. This is why employee education and engagement is so important. With targeted cybersecurity awareness training, employees can be activated as effective protection against cyber threats for your organisation. FTI Consulting recommends implementing a comprehensive and ongoing Cybersecurity Staff Awareness Training program to educate employees to detect current and emerging cybersecurity threats, and to clearly articulate your organisation’s expectations around threat mitigation and management.