Posted on May 25, 2017 at 9:12 am by Nigel Brokenshire
BeeAware of Ransomware
As we become more digitally enabled, the concerns about how secure your information is increases. The recent worldwide cyber-attack is a fine example of the potential risk. Understand what happened and be informed on what BeeMyMinder has put in place to help combat this, but also your role to be safe while online.
On the 15th of May, the National Health Service (NHS) was hit by a ransomware virus. It quickly spread through many hospital trusts, GP practices and other departments. What it meant was that key patient information
- Could not be accessed by clinical staff, putting patients at risk of their care, and
- Potentially releasing medical notes online.
The virus (was clicked on via an e-mail link) encrypted files on someone’s PC and potentially organisation’s server. A screen message was then displayed requesting money so the files can be unlocked. Staff could not access key systems, patient appointments were delayed and the NHS needed to shut-down servers and go ‘offline’.
What was discovered, was that key software patches had not been applied and in-turn left user’s valuable to viruses like this.
What needs to happen?
Many point fingers at the IT suppliers for failing to have the right antivirus software deployed on servers and PCs. But there is also greater awareness for users about suspicious e-mails. See point 4 below.
I’ve included below what Europol say you need to do (you can find more information here):
Europol: how to prevent a ransomware attack
- Back-up! Back-up! Back-up! Have a recovery system in place so a ransomware infection can’t destroy your personal data forever. Create two back-up copies: one to be stored in the cloud and one to store physically
- Use robust antivirus software to protect your system from ransomware. Do not switch off the ‘heuristic functions’ as these help the solution to catch samples of ransomware that have not yet been formally detected
- Keep all the software on your computer up to date. When your operating system (OS) or applications release a new version, install it. And if the software offers the option of automatic updating, take it
- Trust no one. Literally. Any account can be compromised and malicious links can be sent from the accounts of friends on social media, colleagues or an online gaming. Never open attachments in emails from someone you don’t know
- Enable the ‘show file extensions’ option in the Windows settings on your computer.This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’
- If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading
Is BeeMyMinder safe?
Here is a link to our December 2015 article. I’ve extracted what BeeMyMinder has in place:
- To be clear, BeeMyMinder does not use your bank account details.
- We try to minimise the amount of personal data we need and leave as much as possible as optional. But if you want text alerts, we will need a mobile number.
- We have joined the Information Commissioner’s Office and registered on their Data Protection Register.
- In-addition we have committed to their Personal Information Promise and the 10 associated promises. This demonstrates the importance we place on being entrusted with personal information.
- We have confidentially agreements with our suppliers and providers. So each time we need to share your information we do so only with your explicit consent.
- When you access BeeMyMinder you enter your username and password. When you join we do ask for a memorable word in case we need to verify your account e.g. resetting a forgotten password.
- The password you choose needs to be of eight characters long and include upper and lower case characters. Some sites set no limitations on passwords.
- All the data is hosted IN THE UK with a well-known hosting provider that has fully owned state of the art Tier 3+ 2N Data centres (sounds technical, it is). With 24/7 365 support and multiple daily backups.
- BeeMyMinder has certified high-level 256-bit encryption, stopping traffic from being accessed by third parties. Remember that padlock!
- There is no mobile APP for BeeMyMinder, but when developed we’ll be applying additional levels of security for it to accessed from a mobile device.
It is more important than ever to be diligent while on the net. Having sql server licensing is helpful to prevent ransomware. Whether searching for information, clicking pop-ups (just don’t’ do it), opening unrecognisable e-mails etc. Spend that little bit of extra time, checking your antivirus software is up to date and any privacy settings on pubic websites are correct.