Menu visibility control



Startup Surgery

Most Recent


Your employer brand: How to be more attractive to tech professionals


Nick D’Aloisio’s news aggregation app Summly shut down by Yahoo


Top tech stats: London’s co-working community satisfaction, UK EdTEch investment and more

Press Releases

‘Connected finance’ app Curve hits £50m spend ahead of UK launch
“Coffee, networking and productivity”: Workspace disruptor ‘Lounge’ launches in London
Kompli-Global’s Technology Will Make Life Harder for Money Launderers

How to protect your company from the WannaCry malware that’s ravaged the NHS


Headlines over the past day or so have been dominated by the news that a strain of ransomware has been tearing around the globe infecting more than 120,000 computers.

NHS facilities and services have been hit particularly hard, but so have the likes of telecoms giant Telefonica, banks Santander and BBVA, plus companies and individuals in Russia, Japan and several other countries.

Called WannaCry, but also known as WanaCrypt0r and WCry, the ransomware is infecting computers and encrypting files, before demanding the user pay a ransom for their files to be decrypted.

Tech could revolutionise healthcare, if only people would give it a chance

WannaCry leverages a Windows vulnerability, which Microsoft released a patch for, known as MS17-010, in March. However, many organisations appear to have failed to install this patch, or are running old versions of Windows to which this doesn’t apply.

On Friday night, though, an unnamed cybersecurity researcher and Darien Huss, from security firm Proofpoint, found a way to stop the malicious software spreading.

“I had a bit of a look into that and then I found a sample of the malware behind it, and saw that it was connecting out to a specific domain, which was not registered. So I picked it up not knowing what it did at the time,” the nameless knight in shining armour told The Guardian.

He bought the domain for just $10.69 and noticed straight away it was registering thousands of connections every second. Basically, the malware has been making requests to that particular domain name and once these requests came back showing the domain was live, a “kill switch” was activated, stopping the malware from spreading.

We’re not out of the woods yet though, it seems. “This is not over. The attackers will realise how we stopped it, they’ll change the code and then they’ll start again,” said the unlikely hero.

Protecting your business

So just what can you do to protect your business from this malware, and other pieces of malicious software that are doing the rounds?

Tom Gaffney, security advisor at cybersecurity firm F-Secure, said: “Organisations should make sure they have a properly configured firewall and have the latest Windows security updates installed, in particular MS17-010, to prevent spreading.”

He went on to say that, as a general rule of thumb, companies should always use a “robust” security solution, keep software up to date and limit the use of browser plugins.

“Don’t let let your guard down with firewall hygiene – configurations from 2000 could have prevented this. Make sure to take regular back-ups, so that you can get up and running again quickly if you are attacked. And don’t open email attachments from someone you don’t know,” Gaffney added.

A spokesperson from cybersecurity solutions provider Bitdefender, said companies should disable the ‘Server Message Block’ service on their computer if patching is impossible, then install the patch, update their software and make sure they have all Windows updates on their machine. Firms should then backup their data on offline hard drives. The spokesperson stressed the ransomware malware can encrypt files on external drives such as a USB thumb drive, as well as any network or cloud file stores.

A Symantec blog post urged people to be extremely wary of any Microsoft Office email attachment that advises them to enable macros to view its content.

“Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email,” it explained.

Those already infected by the malware are advised to not pay the ransom, as there is no guarantee the cybercriminals will adhere to their side of the bargain and could just demand further payment once an initial transfer has been made. Cybersecurity firms are looking for solutions, but unfortunately it could be the case that encrypted files cannot be retrieved. This whole shenanigans is essentially a stark reminder of the importance of maintaining good cybersecurity practices.

Enter your email address to receive updates straight to your inbox

* indicates required
Send me news on...

Editor's picks

man smiling at colleague

Your employer brand: How to be more attractive to tech professionals
posted 27 mins ago

Nick D’Aloisio’s news aggregation app Summly shut down by Yahoo
posted 19 hours ago

Top tech stats: London’s co-working community satisfaction, UK EdTEch investment and more
posted 23 hours ago


Iris Capital launches €250m European tech investment fund
posted on June 23, 2017

Startup Weekly: Welsh tech accelerator calls for applications, Virgin StartUp partners with WeWork and more
posted on June 23, 2017

Culture. There’s no app for that, Kalanick
posted on June 23, 2017