On Friday, May 12, 2017, the WannaCry ransomware attack impacted over 10,000 organizations and 200,000 individuals across the world. With such a widespread effect, the attack exposed massive cyber security issues and flaws in online defenses across global networks.
There’s a lot we can learn a lot from the WannaCry ransomware attack. Here, we’ll discuss some of the important lessons we can glean from the WannaCry cyber attack.
What is WannaCry
WannaCry was a cyber attack that encrypted computer data and locked access for computer users. A message demanding a small bitcoin payment was displayed that forced victims to pay a ransom to decrypt and unfreeze their data and computer. As of June 17, nearly $140,000 in payments were made to the WannaCry bitcoin wallet.
The true cost of the attack however, is much higher. Lost production, lost data, and other business interruptions, including the cost of mitigating the cyber security issues and vulnerabilities it revealed, could end up causing damages between hundreds of millions and $4 billion.
Most of the victims of the attack were running Windows 7, an outdated operating system. While there are many newer operating systems available from Microsoft that offer better security features, Windows 7 still accounts for around half of all desktop operating systems in use, according to NetMarketShare.
With all those computers vulnerable operating systems, what lessons can we learn? Security threats like ransomware attacks teach us what steps to take and what steps to avoid with cyber and computer security.
Keep Segmented Data Backups
A great line of defense against malicious ransomware attacks is as simple as making a backup. Data backups are an important aspect of any cyber security risk assessment and your IT personnel need to ensure that proper backups are being made on a consistent, regular basis.
Data backups not only protect your valuable, sensitive data from cyber attacks they can also protect your data during network crashes or other network failures.
With a current backup of all your data you will be less susceptible to be forced to pay a ransom to release your data and unfreeze your computer. It’s important to ensure your data backup isn’t stored locally or your backup could be liable to similar attacks if one of your devices is affected.
An externally stored backup is a relatively simple and affordable way to lessen the impact of a possible ransomware attack. What’s more, data backups can help your organization continue regular activities in case of a systems or network failure.
Conduct Regular Systems Updates
A key lesson learned from the WannaCry attack is the value of patching. Updated operating systems and security protocols can’t guarantee complete imperviousness from attack, but patching helps immensely. The systems and machines most impacted by the attack were those devices running old or out of date operating systems. Keep in mind that nearly all computers impacted by WannaCry were running Windows 7 or an outdated operating system.
System updates often address specific cyber security issues that could include system vulnerabilities or closing access points that could be compromised. Patching gives you a better chance of withstanding a security threat.
Many organizations institute a regular patch day where the following day is a systems wide reboot. While not all computers are able to be patched regularly you stand a better chance of protecting your valuable assets with a semi regular update schedule.
It’s imperative for organizations to practice sound cyber security risk assessment. Additionally, it’s in any company’s best interest to institute regular patch and reboot schedules in order to withstand and deflect ransomware attacks.
While maintaining updated patches will help you avoid certain cyber security issues it’s not a complete panacea for cyber attacks. Data backups and systems updates are only as effective as the people who operate your networked devices. Education should be a key component of your cyber security risk assessment and planning.
Educate Your Staff
Your organization’s best line of defense is your staff. Ensuring that your staff are properly educated in best operational practices for your network will help you avoid many cyber attacks and vulnerabilities. Computer users are often the first target of cyber attacks like WannaCry.
Create, teach, and maintain downloading protocols that minimize the risk of your staff unintentionally loading a malicious program or code into your system. Train staff on how to properly update and reboot computers. Your organization should also have procedures in place regarding using company computers on outside networks.
Many organizations allow users to take computers home. Ensure these devices are properly segmented and that your staff is aware of security risks and best operational practices for using company devices on home or public networks.
Prepare for the Worst
The WannaCry ransomware attack revealed many things about the state of global cyber security. One of the most important revelations is quite simple—the importance of making a plan. While you can’t plan for every contingency, you should have a clear cut hierarchy and set of procedures to deal with and mitigate cyber security issues and risks.
Your plan should include data backups, system updates, and staff education. Your plan should also detail a security schedule that includes when to conduct your backups, updates, classes, and more.
Organizations that plan for disasters are not only better suited to deal with possible emergencies they’re also better structured to avoid them in the first place.
Your plan should include cyber security risk assessment and clear cut steps to improve those vulnerabilities. An IT and cyber security firm can help you create and implement a comprehensive cyber security plan.
Make Cyber Security a Priority
Budgetary concerns often limit cyber security resources. However, the investment in security measures like segmented data backups, regular patching, staff education, and disaster planning far outweigh the potential costs of a ransomware attack.
Events like WannaCry shine a spotlight on cyber security weakness. But it can also provide valuable lessons on how to best protect your organization from malicious ransomware attacks.
If you’d like to assess your company’s vulnerability to malware or to discuss ways you can enhance your cyber protection, contact NIC today.