On May 12th, the world has seen the biggest cyber-attack in Internet history! WannaCry, a ransomware worm/virus spread over the world infecting more than 200.000 systems.
Ransomware viruses are not new. The first encrypting ransomware was the ‘AIDS’ Trojan written by Joseph Popp in 1989. But we see that the popularity has increased tremendously the last years.
There are 2 types of ransomware attacks:
- The encryptors, such as WannaCry, which encrypt files on your file system making them unusable until you pay a certain amount to decrypt them.
- The crypto lockers which lock the users out of their system. Again, the hackers ask for a ransom to get the access back.
Typically, attackers target businesses for various reasons:
- Businesses have more money than home users
- The impact of the attack can disrupt the normal operation causing a massive loss of income
- There are many employees which facilitate social engineering (a method to get PC’s infected by using various techniques to convince people to open/execute your virus)
- End user computers are managed by the IT department and not always up to date making them an easy target for hackers
- Poorly implemented BYOD strategies (allowing unmanaged devices directly into the corporate realm)
Central server infrastructure can help mitigate the risks of such attacks. In a central server infrastructure, all the workload is executed on several well-managed servers and the client needs no direct access to the servers. The IT administrators can control who accesses what resources, make sure the servers are adequately patched and have up to date anti-virus software.
Awingu is a workspace aggregator which acts as the gatekeeper towards such a central infrastructure. End users don’t need access to the file shares. They access it through their browser or their virtual applications.
In case an end user device (corporate-owned or BYOD) is infected with the virus the data is not compromised as there is no direct link towards the file servers. Furthermore, the end users can just take another machine and continue working (the only thing they need is a browser) and this way lower the loss of productivity.