https://www.engineeringnews.co.za

Don’t cry over data loss as a result of WannaCry if you could have prevented it

16th May 2017

     

Font size: - +

This article has been supplied as a media statement and is not written by Creamer Media. It may be available only for a limited time on this website.

The WannaCry  (0.03 MB)
  • Security practitioners the world over should take a stern reality check after WannaCry ransomware hits the globe

 
The WannaCry ransomware cyber attack orchestrated over the weekend of the 12th of May should act as a stark reminder to companies that data backups need to be done regularly, that security solutions have to remain up to date and that user education is still a vital component of every security policy.
 
This is according to Andrew Potgieter, Security Solutions Director at Westcon-Comstor Southern Africa, who adds that even more unnerving is that “kits” to put together attacks of this nature are readily available for download on the Internet and doesn’t require a group of elite hactivists to run.
 
“Ransomware encrypts the data in your data centre (storage) or on personal devices and holds it ‘ransom’ until you pay the fee requested by the ‘data kidnapper’. What made the WannaCry attack so different is that it was done on a global scale, spreading to 150 countries, impacting over 10,000 organisations and 200,000 individuals – exploiting a security flaw in Windows XP,” states Potgieter.
 
Furthermore, he says that perhaps the most startling component of the attack is that so many companies were simply crippled. Highlighting that there is a real flaw in IT security policies, there are few organisations with effective “crisis situation” policies in place and that companies who simply fall back on two-dimensional, anti-intrusion detection and prevention methods will continue to fall victim.
 
Simply put, according to Westcon-Comstor vendor partner AlienVault, WannaCry is a ransomware variant that takes advantage of an exploit in the Windows operating system (MS17-010) that was released by a hacking organisation called Shadow Brokers in March.  The exploit and tools were allegedly part of a collection of spy tools used by the National Security Agency (NSA).  While Microsoft patched the vulnerability pretty quickly after the release, many clients have not run the updates needed to deploy the latest patch. Once an infected computer is put into action the malware spreads like a worm on your network, sniffing out other vulnerable machines to infect.
 
Regular backups and snapshots can help you recover files hidden behind ransomware, particularly if you can identify when the infections occurred, so you only work with backup copies before the infection. While you won’t be able to recover your files since the last backup, without paying the ransom, you can get at older files that are critical to business operation and continuity.
 
“Ransomware hides your data, but that data can be restored if regular backups are done in a business. Backups shouldn’t just be a business imperative, but a security one too, as all data needs to be continually and regularly scanned and cleaned of hidden malware. Updates might be a pain and slow your machine, but there are critical in a business, you simply have to run all updates as often as you can. It is the job of the IT department to ensure this happens.
 
“This is a huge wake up call for security practitioners, software developers and businesses alike. One small vulnerability can cripple your business. It is not just IoT and digital platforms that are affected it is all platforms. If businesses weren’t aware that they need to take security seriously, then this attack should surely change their minds,” ends Potgieter.

Edited by Creamer Media Reporter

Comments

Showroom

Alco-Safe
Alco-Safe

An unmanned breathalyser that is made to be tough and simple to use. Can be used in any environment for operator-free breathalyser testing.

VISIT SHOWROOM 
Booyco Electronics
Booyco Electronics

Booyco Electronics, South African pioneer of Proximity Detection Systems, offers safety solutions for underground and surface mining, quarrying,...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.076 0.128s - 158pq - 2rq
Subscribe Now