Protect yourself from WannCry and other future threats!
It has been an interesting couple of days, starting with the initial news of a global ransomware attack on major media outlets on Friday, Mat 13th, 2017. We are talking about CNN, WallStreet Journal, etc…, not your security newsletter or Brian Krebs website. By late Friday, we were all familiar with the now infamous screen informing the victim that his/her files have been encrypted and requesting a ransom payment to recover the files.
A lot of information is out there regarding what this threat is and how it works. I found these links especially useful in working with our clients to help them protect their systems from falling victim to this global threat:
Although the spread of the malware appeared to slow down due the the kill-switch described in the article above from Malwaretech, a new version that was not impacted by this kill switch was already reported to be seen in the wild by Sunday.
By Monday, May 15th, we had reports of hundred of thousands of machines infected worldwide, from individual home users to global corporations like FedEx Corp, Renault, Nissan, and Telefonica among them. The German Railways was an example how an IT incident can cripple critical infrastructure.
While the incidents at NHS showed how these types of attacks can put lives at danger.
It was interesting to see that the ransomware was using a known Windows vulnerability that Microsoft has issued a patch on March 14th with the MS17-010 Critical Security Bulletin. This showed us once more how critical it is to have a pro-active and regular Vulnerability and Patch Management process.
We have observed that our clients who have implemented automated and integrated security processes and solutions were not impacted by this global threat. The importance of the following initiatives was once more proven in the field:
- Ongoing Vulnerability Scanning and Remediation
- Automating Windows Updates
- End-point Security and Anti-Virus
- End-user Security and Phishing Awareness
If you would like to learn more about how you can protect yourselves from similar threats in future by implementing pro-active and automated solutions, contact us at firstname.lastname@example.org.