The latest ransomware attack on UK and global businesses has been linked to tax software from the Ukraine, according to BBC News today.
The software, called MeDoc, appears to be the primary source for the "NotPetya" ransomware virus, with the company sending a message via website update apologising to its customers "for the incovenience". MeDoc is a financial tech company that makes software to help people process accounts and tax returns. It seems that hackers breached the company's security procedures and placed the virus, which lay dormant for 5 days before being triggered with the likely aim of crippling activities in Ukraine just prior to a national celebration. Likely candidates for the breach include pro-Russian hackers.
Following a software update which MeDoc pushed to its customers on 22nd June, the attack was initiated and several large UK and worldwide organisations were affected, including British ad agency, WPP, Danish shipping company, Maersk and US Pharma company, Merck.
Your Accountancy Data
With more and more businesses transition to 'online', it's imperative that the solutions provided give the utmost security and failsafe backups. Anything less is simply gambling with your business. This is why The Financial Management Centre only partners with providers who spend considerable time, money and effort on the security of our data.
Xero, for example, stores data securly, behind multi-layered firewalls; the data is encrypted and there are multiple live backups. Extra security is provided at login, giving further peace of mind (read more). Kashflow, another of our software partners, follows a similar path to Xero, offering customers significant protection in multiple layers, whether it's in the transport of your data with Secure Socket Layer (SSL) protection to the physical security of the datacentres where your data is stored. Kashflow have partnered with one of the world's leading datacentres, Rackspace to give their customers both speed and security. You can find out more about Kashflow security here.
How to avoid Ransomware Attacks
In truth, it's not possible to guarantee 100% that you will never be affected by an attack such as the NotPetya virus, but you can certainly weigh things in your favour. Much like the house on your street with no lock on the door, old windows and no alarm system, computers are vulnerable to opportunist attacks. By having a robust security system in place, you can minimise the chances being affected;
- Always, always, always install Anti-Virus Software
- Enable Windows Firewall (or one provided by your AV Software)
- Update Windows. DON'T run an old operating system – attackers will find the vulnerabilities and companies like Microsoft work hard to put their metaphorical finger in the dam. Spend the money to keep your systems up to date, or risk your clients' data and possibly your entire business.
- Update and software on your computer.
- Back up your data, preferably to a cloud solution (but also to a physical drive)
- Employ 2 Factor Authentication (maybe with a physical 'key' as mentioned here in our last blog post)
- Change office passwords often, and when people leave your business.
Remember, as General Melchett said in Blackadder 4, "Security is not a dirty word".