There have been hundreds, if not thousands, of articles written lately about the great cybersecurity attack of 2017 (so far). WannaCry (aka WannaCrypt, WannaDecryptor, etc.) is a very serious ransomware attack that has created havoc around the world. In the U.K., at least 16 hospitals were shut down. Everything except for extreme life threatening conditions were put on hold. This includes scheduled operations, doctor appointments, and other medical procedures. In India, a power company came to a complete standstill as its IT infrastructure crashed from the weight of WannaCry. A large telecommunication firm in Spain came under attack, affecting 85% of its computers. The U.S was not hit as hard as some, but there were over 200,000 victims in over 150 countries. Hackers demanded $300 USD worth of Bitcoin or your data would be destroyed.
Should I pay the ransom? Most experts agree that paying the ransom might not be the best idea. You are trusting a criminal to return your data unharmed, probably not the best idea.
What can YOU do?
- Patch! Patch! Patch!
- Make sure your OS patches and security updates are current. A number of security vendors, including Microsoft, have stepped up with fixes and suggestions to protect your network.
- Make sure you backup your data on a regular basis and protect your backups. Online backups are just as vulnerable to ransomware
- Generally speaking, invest in company-wide security training, and understand malicious email and websites. Don’t assume everyone knows the potential signs and risks of an attack.
- Install Antivirus software, a Firewall, IDS and IPS tools, and Bot detection. As these attacks become more sophisticated these layers are critical to your protection.
- Be Prepared! Security experts have been preaching it for many years, apply a layered approach to protect yourself.
Still the number one thing that we can do as security professionals? Increase awareness through security training as an ongoing activity, it can be your best line of defense.
About the Author
Kevin Lemmon is a seasoned software security leader specializing in building and managing sales engineers. He is the Senior Director of Solution Engineers at Distil Networks, a global leader in bot detection and mitigation.More Content by Kevin Lemmon