As I’m sure you are all aware, on Friday 12th May 2017, a large cyber attack was launched which has been described by Europol as unprecedented in scale.
The attack is called WannaCry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) and is a ransomware program targeting the Microsoft Windows operating system.
By yesterday, there were believed to be more than 200,000 victims in 150 countries. However, that figure is likely to grow as people switch on their computers on Monday if their IT has not been updated and their security systems patched over the weekend.
What Should I Do?
If you’re lucky enough to have avoided the attack so far, don’t be complacent. You should still follow the steps below to do everything you can to prevent an attack:
- Check you have installed the Microsoft patch, as this addresses the vulnerability used by WannaCry.
- Fully educate your staff so they know the difference between legitimate emails and sophisticated phishing emails. Email attachments or links to Dropbox are some of the most widely reported sources of this attack.
How Can I Prevent a Phishing Attack?
Even companies with the most secure systems can be left wide open to phishing attacks because, more than ever, users are becoming the weakest link in network security. Phishing emails are becoming more and more sophisticated and one simple click is all it takes to cause devastation.
Can all of your staff spot the difference between a legitimate email and a phishing scam? Do you know how many of your corporate email addresses are exposed online? If you’re unsure, there are tools you can use to find out.
Email Exposure Check
Are you aware that many of your organisation's email addresses are exposed online and are easy for cyber criminals to find? With these addresses they can launch social engineering, spear phishing and ransomware attacks. A free email exposure check will show you just how many of your employees' email addresses are exposed online.
Security Awareness Training
It is pretty much impossible to prevent phishing emails from entering your network, and some of them look very authentic. The only way to be sure that your business is fully protected is to educate your staff. You can get first-hand training from a man who was once the world's most wanted hacker, which trains employees to understand the mechanisms of spam, phishing, spear phishing, malware and social engineering. Once your staff know how to spot a sophisticated phishing attack, your business data will be much safer.
Does it Really Work?
After a year of helping their customers train employees to manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks, KnowBe4 analysed the statistics.
Looking at the simulated phishing attacks, the overall Phish-prone™ percentage (people who clicked on the KnowBe4 phishing emails) dropped from an average of 15.9% to an amazing 1.2% in just 12 months. The combination of web-based training and very regular simulated phishing attacks really works.