NCSA Statement on the Ransomware Attack
Washington, D.C., May 13, 2017 – The world was hit with a widespread ransomware attack starting Friday morning (BBC, NYT, WSJ). Preliminary reports suggest at least 75,000 computers in 99 countries were affected.
The ransomware attack locked the files of impacted systems and demanded payment — $300 in bitcoin — to release the data. Ransomware is not new. The first known ransomware attack — using file encryption — was in 1989. In recent years, ransomware attacks have been increasing as cybercriminals become more sophisticated and as crypto-currencies create a vehicle for non-traceable payments.
“Friday’s attack is a loud and clear wake-up call,” said Michael Kaiser, executive director of the nonprofit National Cyber Security Alliance in Washington, D.C. “The attack was global in reach, and its impact was significant. When we see whole systems like the National Health System in the United Kingdom directly targeted, it reinforces how dependent we have become on our data-driven networks. It is of utmost importance that cybersecurity of those networks be a top priority of businesses and organizations large and small.”
There are defenses that can help to prevent ransomware infections. Basic cyber hygiene can provide significant immunization against such attacks, including:
“Businesses and organizations that don’t take cybersecurity seriously are leaving themselves vulnerable to attack and risk significant impact to their operations,” said Kaiser. “We hope organizations around the world will see this attack as a learning experience and begin to engage in adoption of better cybersecurity practices.”
A good starting point for any organization is implementation of the NIST Cybersecurity Framework. By addressing five easy steps — Identify, Protect, Detect, Respond and Recover —businesses and organizations can begin to craft a holistic approach to cybersecurity.
Other helpful resources include: