Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry
Posted in Data Protection & Privacy Harriet Pearson

Combatting the Massive Wave of WannaCry Ransomware

shutterstock_85035682-300x225Major companies, health care organizations and government agencies are facing a wave of cyberattacks involving ransomware that takes control of computers and denies access until a ransom is paid.  These attacks are occurring on a global scale and in some cases are having a significant impact on business and healthcare operations.  The cyberattack has disrupted targets throughout the world from Britain’s National Health Service to US Fortune 500 companies, the Russian Foreign Ministry, and universities in China.

Protecting Against the Threat

Security measures that can be taken to help protect against the threat are evolving as more information becomes available. Key measures that we advise counsel to confirm are in place include:

  • Anti-virus signatures. Anti-virus signatures that will protect against known variants of the ransomware are available for most products. Your IT department should confirm availability and deployment of those signatures.
  • Monitoring. Your information security team should monitor for new variants of the ransomware and take action to maintain protection against those new variants through deployment of updated malware signatures as available.
  • Containment Plan. In the event that systems are compromised, as a priority action contain the affected system as quickly as possible to stop the spread of the ransomware within the network while otherwise activating your organization’s incident response plan.
  • Response Plan. Consider now how your organization would likely address key issues raised by ransomware attacks, such as whether and how to pay ransom; how to interact with law enforcement; and the process by which to restore operations

Additional Resources: Government agencies are partnering with the private sector to develop a better understanding of the threat and to provide information on measures to protect IT systems. Below is a sampling of government alerts issued at this time:

Hogan Lovells’ multi-disciplinary cybersecurity team is monitoring and advising on these developments globally.

Authors acknowledge the valuable input to this post provided by Jeffrey Lolley, Managing Principal, Hogan Lovells Cyber Risk Services.