CT reassures customers in wake of NHS cyber attacks | Central Technology

CT reassures customers in wake of NHS cyber attacks

WannaCry Screenshot

CT would like to assure all our customers that every possible control strategy has been put in place to protect them against the latest wave of cyber attacks.

And in addition to the steps outlined below, it is holding a 20-minute webinar for customers, from 3pm on 8 June, to show them how to protect their networks and data against similar attacks in the future. 

To secure your place, call CT on 01246 266130 or email richard.thompson@ct.co.uk.

About WannaCry

Ransomware attacks continue to spread, following the initial damage inflicted on healthcare organisations by ‘WannaCry’ malware across Europe on Friday.

Although the spread of WannaCry is different from any ransomware software seen previously, as it spreads through a flaw in SMB (Service Message Block), the initial infection can still come through traditional methods such as spoof emails, typically with a zip file supposedly containing an invoice.  

 This flaw was patched in Microsoft’s March 2017 update cycle, but many organisations had not run the patch or were using unsupported operating systems (like Windows XP), or operating systems that were not fully patched.

According to the British Medical Journal, 90% of NHS computers continue to run Windows XP.

Although the patch protects against WannaCry, other critical security flaws in Windows XP are not being patched. It is therefore important for organisations to run supported and fully-updated operating systems and continue to remain vigilant when opening emails.

We’re pleased to say that, at the time of writing, no CT customers had been affected by this attack, as a result of our CryptoBlocker and AV solutions. However, this should not lead to complacency. CT is warning all users need to remain vigilant when opening emails and if in doubt, to not  do not open the e-mail or attachment.

 How are we protecting our customers?

  • CT’s own Cryptoblocker tool that we proactively deploy to all customer servers has a definition to block WannaCry.
  • ESET released a definition at around 13:00 on Friday to block WannaCry.
  • CT is recommending all customers to migrate to Webroot, which blocks malware based on suspicious activity rather than by definition. The engine in Webroot will detect and block WannaCry at the point of release without requiring a definition update.
  • CT is recommending customers ensure antivirus and Microsoft updates have not been paused or rejected by users.  For the avoidance of doubt users should be instructed to run these updates manually as a matter of urgency.
  • In addition to deploying Webroot SecureAnywhere as part of a strong endpoint control strategy, it is essential you continue to keep your systems up-to-date on the latest software versions, and invest in user education on the dangers of phishing, ransomware, social engineering and other common attack vectors.
  • CT is warning all users need to be vigilant when opening emails.
  • The National Cyber Security Centre has recently published guidance on the WannaCry malware attack.

If you have any concerns or you continue to have Windows XP operating systems within your IT estate, please do not hesitate to contact the CT account management team.

  • Share: