Cyber attacks are happening more often and becoming more severe. The recent WannaCry and NotPetya attacks have taught us several important lessons to keep in mind as we look to improve our own cybersecurity defenses:
- The threats weren’t necessarily new. Attacks similar to WannaCry occurred with Sony in 2014 and Blaster in 2003 (Ward, 2017). Firewalls and regular patching can prevent the attacks, and the specific patch for the WannaCry vulnerability was released almost two months ahead of the attack. When word got out that this weakness existed and that it was easy to exploit, those that did not act quickly to patch their vulnerabilities suffered from the attacks.
- Many organizations were still vulnerable. According to Hackett (2017), the NotPetya cyber attacks targeted companies that failed to patch their systems against the Microsoft vulnerability (SMB-1). If you haven’t already, make sure you apply Microsoft patch MS17-010 and block connections to Microsoft Windows’ port 445 (Howard, 2017).
- Back up your data. Even after applying patches, no firewall or anti-virus software is completely flawless, so it’s best to store important data in another location outside of the network (Weavers, as cited by Satran, 2017).
- If affected, report incidents and take the proper response steps immediately. Quick incident reporting and firm participation helped stop the spread of WannaCry not long after the attacks had begun. Regulators have also started issuing warnings that those neglecting to report cyber attacks within 72 hours will be penalized. The Office of Civil Rights (OCR) recently published a helpful checklist and infographic for responding to cyber attacks here.
- Paying the ransom doesn’t guarantee your files will be returned. The email service (Posteo) quickly blocked the email used for receipt of Bitcoin, severing any link for further communication. Further, paying the ransom will likely encourage cyber criminals to continue the attacks.
These attacks serve as stark reminders to take preventative measures and avoid complacency with our cyber security. The risks are becoming harder to ignore as we continue to see attacks emerge and ripple across a global network.
Is your organization prepared to handle a cyber attack? Are you looking for ways to strengthen your organization’s cyber security? IEEE offers extensive training for technical professionals to improve security techniques. Check them out here: Courses from IEEE Continuing Education
Hackett, R. (2017, Jun 27). Everything to know about the latest worldwide ransomware attack. Fortune.
Howard, R. (2017, Jun 27). Threat brief: Petya ransomware. Palo Alto Networks, Inc.
Satran, R. (2017, jun 22). ANALYSIS: WannaCry attacks shows trend toward ‘economic’ cyber threats, rising regulatory risk. Reuters.
Ward, D. WannaCry NHS attack- Busting the myths. Public Technology.net.