Winxnet Security Team Review: WannaCry Ransomware Attack
Well before Friday’s news of the global ransomware attack, my team has been keeping a watchful eye on the increasing size, scope and frequency of these types of events. Their deployment and resulting chaos might feel like big news, but it is something that we have been talking about for years.
It may seem overwhelming to keep track of the current attacks and risks, however, as you can see from our numerous security blog posts and many customer communications around specific vulnerabilities, the controls needed to limit the risk are largely the same time and time again. Because of the media attention given to the WannaCry attack, concern and fears have been heightened, but the steps to help prevent attacks remain largely the same:
- Vigilance. This most recent attack was reportedly deployed by unsuspecting end users clicking on an invoice that was emailed to them. The vigilance, awareness and training of your staff to spot suspicious emails is your best defense.
- Updates and Upgrades. Make sure that all devices are set to receive security patches in a timely, preferably automated, manner. Devices in your environment (servers, workstations, etc.) that have reached end of support from the manufacturer need to be replaced. These unsupported devices will not receive the necessary patches and fixes to address recent issues like WannaCry, and their replacement is nonnegotiable if you want to limit your risk.
- Proven Backups. Likely your best bet to limit the damage from a ransomware attack is a properly set up and tested backup solution. If you have an up-to-date backup of your data, paying the ransom becomes irrelevant and you can be up and running with limited interruption.
- Additional Security Measures. Defense in depth, a layered security is a best approach. Your managed services partner should be providing you with necessary controls like Anti-Virus and Anti-Spam, and there are other solutions like Social Engineering Testing and Managed Security Services that can help spot weaknesses before they are exploited.
There is no way to completely prevent a cyber-attack, just as there is no way to completely prevent an accident or crime, but you can take steps to make yourself and your business as secure as possible. It is our recommendation that you ensure your company has a working information security program that encompasses the above steps in order to minimize your risk, as these attacks will continue to come.