CEO Forum: WannaCry Raises the Red Flag

Written by
May 24, 2017

Autotask chief Mark Cattini explains how staying updated, informed and aware can help your organization avoid becoming the next cautionary tale.

Cybercrime is one of the biggest challenges society faces today.

As the world becomes more digitized and dependent on connected systems and devices, the threat and the potential impact is exponential.

As we just recently witnessed the WannaCry attack, this is a wake-up call and we should expect to see global attacks of this nature accelerate.
There is good news.

The technology that is required to combat these hazards exists today, including vulnerability detection and anti-virus, device and network monitoring, and management tools and data back-up.

Although, even with this technology, it is proving to be a never-ending battle to stay current as the threats become more sophisticated.
The important thing is to combine all of these technology solutions so that protecting critical information systems and data is easily deployed and managed.

The Reality of WannaCry

The impact of the recent attacks has been devastating.

As of May 14th, estimates put the number of countries affected by the WannaCry strain of ransomware at more than 100, with those being seriously affected ranging from Russia’s Interior Ministry to the UK National Health Service.

Clearly, ransomware is extremely dangerous, and organizations need a comprehensive strategy to handle it.

Effective security strategies rely on two core concepts – a focus on avoiding exposure and then robustly responding and defeating the threat when it occurs.

The key term here is ‘when’ as deterrence will never be 100 percent foolproof – new strains of ransomware will always be developed to exploit newly-discovered bugs.

There is always a need for both preventative and reactive methods.

Effectively Manage a Ransomware Attack

Responding to a ransomware attack depends on controlling the situation as much as possible.

Plan and then implement a resolution so that the impact to workers’ productivity is minimal.

With a single PC, this might mean isolating the device from the network to prevent the infection spreading, followed by wiping the machine, re-imaging, and then restoring that person’s files and folders.

For a large, disparate organization, this could involve taking scores of machines offline to immediately reduce the risk of the virus spreading, identifying, and resolving problem endpoints as above, and then performing an audit and taking action to ensure every endpoint is patched and protected.

WannaCry offers all of us a vital reminder that there is an absolute need to continue to back up as many endpoints as possible, especially those of decision-makers and mobile workers who simply cannot rely on legacy or manual processes to protect their data when disaster strikes.

How to Protect Data from Cybercrime

Patch Management: Be sure to have a continuous approach to patch management, using a RMM solution to automate delivery of the latest operating system patches on all your devices under management.
Web Filtering: Make good use of web filtering solutions to protect users and their devices when visiting harmful sites.
Antivirus Updates: Make sure you have deployed a continuously updated and current anti-virus (A/V) solution to all managed desktops, laptops, tablets, and mobile devices.
Have a multi-layered security approach: In addition to filtering and A/V, deploy other security solutions based on the needs and budgets of your clients.
Education: Utilize all means necessary to educate your employees and clients on behavioral best practices, sharing what to click and what not to click, and other tips.
Implement a backup and recovery solution on each endpoint: An enterprise-grade file sync and share (FSS) solution can be deployed to help quickly recover from a ransomware attack or other data loss scenarios.