There are two types of businesses in the world, those who take security seriously and those who hope that it just won’t happen to them. In general, only one is readily prepared to mitigate the damage caused by hackers. Care to wager on which group is most vulnerable?
And while this may be an oversimplification, the fact of the matter is, WannaCry was preventable. We have now heard tales of doom and gloom from across the globe. Costly effects. The Wall Street Journal predicts the financial ramifications of WannaCry will exceed $8 billion. A late tally of the damage suggests 300,000 computers were compromised worldwide.
Yes. It was preventable. With some simple, proactive security measures.
Now, we are not saying that a security strategy will fully protect you always, that is unreasonable to assume as hackers are always just a step ahead of the game. No, we are saying that organizations should treat WannaCry as a wake-up call to the rising malice and senselessness of cyber criminals and need to be ready for anything.
1. Don’t be left unprepared. Establish an incident response team.
It is essential to rely less on preventing hackers than it is on dealing with them when they attack. Be sure to have a designated incident response team with clearly defined roles and responsibilities, established paths of communication along with a chain of command and a decision-making tree.
2. Don’t ignore consequence-based engineering.
An effective security strategy requires more than deploying security technology into your infrastructure; it needs to start with an analysis of your architecture with an eye toward engineering out any dire consequences of an attack.
3. Don’t get sloppy by neglecting old systems and security protocols.
WannaCry compromises were preventable if organizations had simply taken the time to update or replace vulnerable systems.
4. Don’t forget – most threats are already discovered.
While new attacks are a real risk, most breaches are caused by attacks that have been around for weeks, months, or sometimes even years. Signature-based detection tools allow you to quickly look for and block an attempted infiltration. Use them!
5. Don’t rely on others. Use behavior-based analysis to stop new threats.
Not all threats are recognizable. Behavior-based security tools can look for covert command & control systems, identify inappropriate or unexpected traffic or device behavior, and disable things like zero-day variants.
Using WannaCry as a wake-up call, we all can take away some new lessons about the modern threat landscape. A cyber attack can occur at any time, and vulnerable systems can be made less vulnerable with a sound security strategy and the right tools to prevent and mitigate damage.