From The Research Team
Global Ransomware Cyber-Attack
Cyber Security Requires Policy and Program
Part 1 – Thwarting the Global Ransomware Attack Threat Made Simple
The recent global cyber-attack has raised our collective awareness that having a Cyber Security policy is not the same as having a Cyber Security program. The ransomware attack codenamed “WannaCry” takes advantage of a vulnerability found in the Windows operating system. The key word in the last sentence is the present verb tense “takes” as this ransomware threat has yet to be contained and there are now warnings of malicious code copycats. Just as concerning is that the threat should never have been as successful as it is since Microsoft provided the means of protection months ago. The critical, security patch aimed at addressing the known vulnerability was released in March both through Microsoft’s update service and the built-in antivirus software, Windows Defender. Therefore, having a Cyber Security program with a mature, consistent approach to patch management and disaster recovery would have saved many of the victims from either becoming a victim in the first place, or escape paying the ransom since a recent backup copy or image of the system(s) could be used to restore those infected.
I hate to say, but we are only at the early stages of such cyber-attacks. For cybercriminals to build and execute such malware is relatively inexpensive with great opportunities for success, especially when small to medium sized businesses (SMB) are reluctant to invest time and money into implementing a program for adequate protection and only seek the appearance of compliance. Most solutions are simple and inexpensive, but still require proper operational process integration and consistent tactical practice. To achieve a Cyber Security program that truly provides prevention, detection, and recovery capabilities takes experience, and professionals with expertise are not free. Nevertheless, investing in the firm’s policy and program is better than worrying if it will be the next victim of cyber-attack and what such damages and costs could result.