What you need to know about the Internet’s biggest Ransomware attack:

This past week was a major milestone for the global IT community. Cyber-threats moved front and center in the business windshield as the WannaCry malware reached epidemic levels globally.

Recap:

WannaCry is a ransomware virus that locks up the infected computer and offers to release it for a fee. Once embedded, the virus infects other devices on the network as well.

We now know that the NSA originally discovered a weakness in Windows operating systems that creates a “threat vector”. This is what the NSA is paid to do, as cyber-espionage is both an offensive and defensive strategy to keep the United States safe. The exploit was somehow leaked (I’m sure there is an extensive search going on within the NSA as to who leaked it), and the international network of cyber-criminals got their hands on it and began developing a coordinated attack. In the meantime, Microsoft, aware of the weakness in their operating system (important to note: this weakness could be one or two lines of code amidst millions), created an update or “patch” to protect against this threat. The criminals who released this ransomware into the wild are well aware of the fact that thousands of organizations are perpetually behind on their updates, and they planned to exploit this human-engineered weakness.

To date, WannaCry has infected hundreds of thousands of computers internationally and shut down hundreds of businesses, including hospitals, for extended periods of time. Although the dollar amount WannaCry has been able to extort has not been enormous, reportedly only about $100,000 internationally, the loss of time and productivity would likely amount to billions internationally.

In our opinion, WannaCry was the event the public needed in terms of treating cyber-threats seriously:

  1. It created awareness of the risks of being unprepared, with minimal realized costs (at least in our customer base)
  2. It reinforced the value of a highly trained team in managing and supporting your IT environment
  3. The event galvanized the IT industry to work more collaboratively to prevent these “events” in the future.

Upward is pleased to report that we did not have a single reported instance of a WannaCry infection.

This can be attributed to:

  • Maintaining extremely aggressive application and OS update levels across our user base.
  • Enforcing strong firewall security settings.
  • Running updated Enterprise-grade Anti-virus and anti-malware software.
  • Routine audits of our client environments for out-of-compliance devices and software.
  • A little bit of luck 😉

What you need to know and plan on:

  1. Consistent patching, firewall policies & Enterprise Anti-virus/malware are an absolute must these days. These are high-value services provided (mostly behind the scenes) by your IT team.
  2. Windows 7 PCs are more vulnerable to threats like WannaCry. Because they are in extended support with Microsoft, they are often easier to exploit than Windows 10, which incorporates upgraded security features. Windows 7 PCs should be identified and sunset in your environment.
  3. EVERY business is vulnerable. If you are not actively investing resources into protecting your business, you are playing Russian roulette. Regularly consulting with an expert MSP about cyber safety is a must for every business, big or small. As the Wall Street Journal reported, “All IT jobs are now Cyber-security jobs”.

If you have questions about how to improve your IT security, or would like to discuss ways to play better defense against cyber-criminals, click here to reach out to Upward today.