Measures to Protect Against Malicious Ransomware

Posted on May 16, 2017December 12, 2019

In the wake of the recent, global WannaCrypt ransomware attack, which crippled thousands of computers in more than 200,000 organizations and 150 countries, AAFCPAs would like to remind clients of the critical importance of taking measures to protect against malicious cyber-attack.

What is ransomware and WannaCrypt?

Ransomware is a malicious software that locks a device, such as a computer, tablet or smartphone and then demands a ransom to unlock it. The latest WannaCrypt, otherwise know as “WannaCry,” ransomware used a flaw in Microsoft’s software. It is reported that the vulnerability was discovered by the National Security Agency long ago, and was leaked last month by hackers to spread rapidly across networks. Reports on Friday, May 12^th, 2017 indicate the impact started in England as 47 National Health Service trusts were affected, causing significant disruptions in their operations.
AAFCPAs’ IT assurance, security and governance professionals have seen increased activity in ransomware attacks, and we expect the trend to continue as attackers target systems vulnerabilities.

What can you do to minimize your ransomware vulnerabilities?

Patch your systems (OS and software) regularly. Have the systems auto download patches when able, and check daily for any updates & install accordingly.
Back up your data daily, at a minimum, and store it in a separate system where you may access it on demand in the event your primary system is infected.
Install and keep your antivirus and malware software updated.
Educate your employees on the risks of ransomware, computer hack attacks, and phishing emails. This includes alerting them to what to look for, and how to respond if something looks suspicious. If something does not look right, it probably isn’t.

Awareness is critical. Unfortunately, this is a new era in cyber-security, and your entire organization needs to be aware of all the latest developments in order to better guard against, and minimize the risk of becoming a victim of a cyber-attack.
For a cyber-security assessment, or advice on how to protect your organization against ransomware or cyber-attacks, please contact James Jumes at 774.512.4062, jjumes@nullaafcpa.com, Vassilis Kontoglis at 774.512.4069, vkontoglis@nullaafcpa.com or your AAFCPAs partner.

About the Author

James Jumes, MBA, M.Ed.

James joined AAFCPAs in 2013 to lead the firm’s Business Process & IT Consulting practice. He leads a team of senior technologist in the delivery of solutions related to business intelligence & productivity, information risk management and cybersecurity, and special IT attestations, compliance, and certifications. His goal is to strengthen the links between people, process, and technology, which increases productivity and drives business growth. James has more than 30 years of experience working with information technology …

Related Insights

Safeguarding Against Holiday Season Phishing and Cyber Threats

AAFCPAs would like to remind clients that the period between Thanksgiving and New Year’s is a prime time for phishing and other malicious cyberattacks. Cybercriminals take advantage of increased internet shopping, debit/credit card use, and the influx of holiday offers to deceive individuals into disclosing sensitive information. Now more than ever, vigilance is required in […]

Shift in EEC Funding Model Requires Business Process Assessment

Effective October 1, 2024, the Massachusetts Department of Early Education and Care (EEC) shifted its contract reimbursement from a primarily unit-rate model to a mix of unit-rate and cost-reimbursable contracts. Under the new contracts, childcare seats will be reimbursed on a unit-rate basis while administrative and supportive services will be funded through cost reimbursement contracts. […]

Cost Center Coding Strategies for Effective Grant Reporting

For complex human and social services providers, managing grants and ensuring compliance can often feel like navigating a labyrinth. One effective strategy to simplify this process is through cost center coding. AAFCPAs provides the following detailed guidance on how to leverage cost center coding to streamline grant reporting and maintain compliance. Design Your Cost Centers […]