For more on the WannaCry ransomware, check out 7 Things You Need to Know About the WannaCry Ransomare.
- Patch hygiene becomes higher priority
eSentire said that it is hopeful organizations will “significantly alter their continuous patch hygiene” and recognize “the risk of deploying out- of-date operating systems in production environments.”
Other security experts agree; as Jeff Schilling, CSO of Armor writes in a blog post, “The world knew something like WannaCry could be coming months ago and software companies addressed the issue with a viable patch. The onus was then on organizations to utilize the resources to keep their infrastructure safe. Which, unfortunately didn’t happen in many cases.”
- Shadow Brokers isn’t going away
The hacking group claims to have more tools and information stolen from the U.S. intelligence community, according to eSentire. “As they expose new ‘cyber weapons’ adopted by opportunistic threat actors, suddenly everyone is at risk,” eSentire says.
- New variants of WannaCry on the horizon
Just as new variants of Mirai botnet are expected to be released by opportunistic hackers, WannaCry will also inspire a new set of attacks. eSentire says they won’t necessarily all be ransomware, but this type of attack is the most productive type of attack for making a quick buck.
- Worm-based attacks could do physical damage
Worm-based attacks could unleash physical damage to infrastructure as we move to the Internet of Things (IoT), eSentire says.
“The lack of focus or preparedness for IoT cybersecurity puts everyone at increased risk,” according to the security provider.
- Future attacks involve less human intervention
Globally connected infrastructure means fast-spreading threats can cause massive damage, “especially to embedded systems where there is not ongoing support for vulnerabilities,” eSentire says.