card

Keep systems upgraded to prevent ransomware attacks

03.10.2023
201

Ransomware attacks pose a significant threat to both businesses and individuals, but there's a crucial defence strategy that can significantly reduce the risk: keeping all systems, software, and web browsers up to date. This proactive approach is essential because ransomware is continuously evolving, and hackers often exploit vulnerabilities in outdated systems to infiltrate and compromise computers, especially those running without a VPN service. Take, for instance, the outdated WordPress plugin saga.

The WannaCry Wake-Up Call

A stark example of the havoc caused by neglecting system updates is the WannaCry ransomware attack that struck in 2017. This malicious software crippled major organisations, including NHS hospitals, Telefonica, and Taiwan Semiconductor Manufacturing Co. (TSMC), by specifically targeting computers running outdated versions of Windows. Over a span of four days, WannaCry infected a staggering 230,000 computers, causing widespread chaos and financial losses.

ICTA's Call for System Upgrades

Recognising the critical importance of system maintenance and upgrades, the Information and Communication Technology Agency (ICTA) has issued a directive to all government institutions, emphasising the need to keep their systems up to date and properly maintained to safeguard against ransomware attacks.

Restoring After a Ransomware Attack

Recently, ICTA encountered a severe ransomware attack that affected government offices using the "gov.lk" email domain. While the agency successfully restored email services, a significant data loss incident occurred during the process. This loss underscores the urgency of system upgrades and maintenance.

ICTA Chief Executive Officer Mahesh Perera explained that the email service had been running on an outdated 2013 email platform, leaving it vulnerable to various security threats. Previous attempts to upgrade the service faced financial constraints and design issues, making it susceptible to cyberattacks. Also, read Weak threat response and outdated technology expose millions to cyber attacks.

The ransomware attack on August 26 encrypted all emails and online services, including backups. Although ICTA managed to restore the email system using a two-and-a-half-month-old offline backup, any emails received within that period were lost permanently.

In response to the attack, ICTA reported the incident to the Sri Lanka Computer Emergency Readiness Team (SLCERT) for investigation and filed a police complaint regarding the ransomware attack.

To prevent future attacks and strengthen its cybersecurity posture, ICTA is actively engaged in upgrading email services, emphasising the importance of keeping systems up to date to mitigate the risk of ransomware and other cyber threats.

In conclusion, the ransomware attack on government email systems serves as a stark reminder of the critical need for regular system upgrades and maintenance in the face of evolving cyber threats. Staying vigilant and proactive in system management while surfing online with Hide Expert VPN is the key to preventing future ransomware attacks and safeguarding critical data and infrastructure.