How to Protect Your Business from Another Worldwide Cyberattack

Renee E. Coover | 5.18.17


Last week, multiple countries across the globe were hit with a ransomware cyberattack. Fortunately, that cyberattack sparked fewer aftershocks than many initially expected. Coordination and response time amongst countries’ law enforcement agencies were fast-acting and prevented the “Wannacry” ransomware from penetrating additional IT systems.


According to U.S. officials, the ransomware, carried out by unknown hackers affected at least 150 countries and infected over 300,000 computers. One of the biggest victims was Britain’s National Health Service, where dozens of hospitals were forced to cancel operations and redirect ambulances to other hospitals. The malware also spread to FedEx in the US, Russian banks, and many other big businesses.


Although today it is business as usual with many workers logging onto their office computers without issue, this cyberattack provides an important lesson for businesses, both big and small, across all industries, when it comes to cybersecurity.


In the immediate short-term, IT specialists are cautioning clients to take several security measures, particularly by stressing the importance of safe and scrupulous email use. For example, businesses should train their teams to not open unknown links or attachments in emails and request that employees avoid accessing personal email on a work computer.


To protect your business from another worldwide cyberattack, there are a few key policies to implement company-wide:

  1. Virtual Desktop users should not attempt to install software (updates, toolbars, browsers, etc.) of any kind without assistance from your company’s IT specialists.
  2. Employees should only open email necessary to perform their job.
  3. Employees should not open email attachments from/in strange or unexpected emails.
  4. If an employee needs to transmit confidential information to individuals outside the company, employees should use only approved and secure methods.
  5. Develop an incident response plan for your business so that in the event of another cyberattack, every employee is prepared and knows exactly how to respond to a breach.


For those in the health care industry with access to or control over protected patient information, certain privacy rules and notifications may apply to you in the event your business has been hacked and the security of this data has been compromised. Policies and procedures should be put in place to prepare for such an event – particularly since health care data is some of the most highly sought-after information by hackers.


Sign up to stay in the know

I want to receive business and health care legal insights delivered right to my inbox.