Update on International Ransomware Attack from Hampshire Constabulary Cyber Protect Team
As I’m certain you will all have seen, read and heard about by now, organisations across the UK and Europe have this weekend been targeted by a co-ordinated ransomware attack.
What we know:
Several large organisations world wide are known to be affected. At this stage there is no obvious targeting; the organisations are from various countries and appear not to be related.
While large enterprises made the news, small business users and home users may be affected as well. It is estimated there are more than 200,000 victims according to various anti-virus vendors.
At this stage, we have one confirmed organisation affected in Hampshire.
How the infection was spread is still subject to investigation. It has been suggested that the initial infection originated from e-mail attachments, but the possibility it was spread through ports left open on computers is also being looked at. It has been successful on older versions of Windows operating system only. A patch that fixed the vulnerability on Windows Vista, 7-10, and Windows Server 2008-2016 was released in March – which highlights the importance of updating software and operating systems as soon as the updates are sent out.
A patch (security fix) for Windows XP has now been installed. Very few of those targeted paid the ransom.
We continue to work closely with the regional South East Organised Crime Unit, in support of the National Crime Agency, which is leading the investigation in the UK. We are also working closely with the National Cyber Security Centre, which is leading on the national Protect response – which this team is part of.
We have been issuing advice all weekend via our @HCCyberProtect Twitter account, which we encourage you all to follow and urge other businesses to follow also. We will continue to issue further advice and tips via this account through the coming weeks. It is important to note that we do not believe there is any specific ongoing threat to any organisation in Hampshire and the Isle of Wight.
Co-ordinated cyber attacks of this nature are thankfully rare, but can cause loss and disruption to people’s lives and livelihoods. We firmly believe by taking a few simple steps now, businesses can put themselves into a strong position of protecting their computers, devices and networks from future threats. Whilst preventing ransomware attacks altogether may not be guaranteed, by introducing regular back-up protocols and some simple, inexpensive security measures, businesses can mitigate the risks and minimise the damage.
Here is a handy one-shot guide to spotting the tell-tale signs of a phishing e-mail. Our key message to never click on a link in an email if you are not 100% sure who it came from has never been more important: