The National Cyber Security Centre has issued guidance on the recent ransomware attacks on businesses.
There are two main pieces of guidance available, one for organisations and one for private individuals and SMEs which are applicable regardless of the age of the software being used. The full guidance is available here: https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance
The NCSC advises the following steps to reduce the risk of attack and mitigate the impact of an attack if it does occur. The steps that can be taken are available here: https://www.ncsc.gov.uk/guidance/protecting-your-organisation-ransomware and are summarised below.
For organisations
- Keep your organisation’s security software patches up to date
- Use proper anti-virus software services
- Most importantly for ransomware, back up the data that matters to you, because you can’t be held to ransom for data you hold somewhere else.
For individuals and small businesses:
- Run Windows Update
- Make sure your AntiVirus product is up to date and run a scan – If you don’t have one, install one of the free trial versions from a reputable vendor
- If you have not done so before, this is a good time to think about backing important data up – You can’t be held to ransom if you’ve got the data somewhere else.
Updates to the guidance and any further news will be publicised through the NCSC Twitter account (@ncsc).
