In order to protect the public and businesses from ‘WCry’ or ‘WannaDecrypt0r’ ransomware, the National Crime Agency (NCA) is working closely with a range of partners both in the UK and overseas. The NCA leads the UK law enforcement response to cyber threats and is investigating this incident with the National Cyber Security Centre (NCSC).
Key Protect messages for businesses to protect themselves from ransomware:
- Install system and application updates on all devices as soon as they become available.
- Install anti-virus software on all devices and keep it updated.
- Create regular backups of your important files to a device that isn’t left connected to your network as any malware infection could spread to that too.
The National Cyber Security Centre's latest technical guidance includes specific software patches to use that will prevent uninfected computers on your network from becoming infected with the "WannaCry" ransomware.
Additional in-depth technical guidance on how to protect your organisation from ransomware is also available from the NCSC and on the Microsoft website.
The NCSC has also provided guidance and advice for companies and individuals.
Key Protect advice for individuals is essentially the same, with one additional point:
-
Install system and application updates on all devices as soon as they become available.
-
Install anti-virus software on all devices and keep it updated.
-
Create regular backups of your important files to a device (such as an external hard drive or memory stick) that isn’t left connected to your computer as any malware infection could spread to that too.
-
Only install apps from official app stores, such as Google’s Play Store, or Apple’s App Store as they offer better levels of protection than some third party stores. Jailbreaking, rooting, or disabling any of the default security features of your device will make it more susceptible to malware infections.
Criminals use opportunities like this to further defraud people using phishing and smishing tactics. We would therefore urge people to be cautious and wary when contacted by people who claim to be from the NHS in relation to the ransomware attack.
The protect advice for phishing and smishing is as follows:
- An email address can be spoofed. Don’t open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details.
- The sender’s name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, you should still exercise caution; particularly if the texts are asking you to click on a link or call a number.
- Don’t disclose your personal or financial details during a cold call, and remember that the police and banks will never ring you and ask you to verify your PIN, withdraw your cash, or to transfer your money to another “safe” account.
Any individuals or businesses who believe they have been a victim of the ransomware attack are urged to report to Action Fraud.
For up to date fraud and cyber crime alerts, people are advised to visit the Action Fraud website and follow us on Twitter and Facebook.