Security advice from AXLR8

Following the ransomware cyber attack on Friday 12 May which affected the NHS and is now known to have affected other organisations globally, AXLR8 offer the following advice urging both individuals and businesses to follow protection advice immediately and into the future. It is to be expected that other scams will follow, typically ones that purport to offer a solution only for it to be another exploit and not a solution at all. If you are in any doubt please feel free to call AXLR8 and we can put you in touch with a cyber security specialist consultant.

Key messages to protect yourself from ransomware:

  • Install system and application updates on all devices as soon as they become available.
  • Install anti-virus software on all devices and keep it updated.
  • Ensure that passwords are 10 characters or longer, and include a mixture of upper and lower case letters, numerals, and special characters (e.g. !, &, *). Our suggestion is to think of 3 words that are meaningful to you, concatenate them, substitute an “S” with a “5”, and/or an “E” for a “3” etc, similarly change an “I” for a “!” maybe. Do not write passwords on post it notes – if you must record them, keep them in a file on an external device, such as a USB stick. Do not call the file “passwords”, but something else non-pertinent – “elephants” maybe.
  • Create regular backups of your important files to a device that isn’t left connected to your network as any malware infection could spread to that too. Customers using our CRM systems can rest assured that their databases are backed up on a daily basis. If you wish to discuss our backup procedure, please call us on 01344 776500 or email support@AXLR8.com.

Fraudsters may exploit the recent high profile incident and use it as part of phishing/smishing campaigns. That is to say that they may offer a solution that is in fact an attack. We urge people to be particularly cautious if they receive any unsolicited communications from the NHS.

Our advice is as follows:

  • An email address can be spoofed. Don’t open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details.
  • The sender’s name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, you should still exercise caution, particularly if the texts are asking you to click on a link or call a number.
  • Don’t disclose your personal or financial details during a cold call, and remember that the police and banks will never ring you and ask you to verify your PIN, withdraw your cash, or transfer your money to another “safe” account.