Events that have unfolded over the last few days are a stark reminder that a comprehensive approach to cybersecurity is crucial for business resilience. However, it’s not just a robust cybersecurity architecture that is required. The impact of the latest ransomware attack underlines the importance of getting the basics right too.
Over the last few days, the relevance of regular software “patching” has been amplified. It seems that the ransomware spreading rapidly through many organisations across the globe was exploiting a known vulnerability. Whilst the vulnerability was addressed in a previous software patch update, the vulnerability, of course, would remain if the patch had not been applied. That said, those that experienced the attack using older operating systems that were out of manufacturer support, seemingly did not have the ability to close the vulnerability as part of routine maintenance before the attack.
So is this latest ransomware attack all about patching? Well, no. However, it is all about a well balanced approach to cybersecurity. Patching (where available) is one of the basic approaches that can be taken to help reduce risk of attack, although it’s not the only one that should be considered. There really is no substitute for a comprehensive approach to cybersecurity, but that doesn’t mean all is lost for those organisations that have not yet fully reached cyber resilience maturity. Putting in simple and relatively inexpensive steps can reduce risk in any organisation of any size:
- Establish cybersecurity procedures – a plan to follow in the event of an attack or a breach so that everyone within the organisation knows exactly what they should be doing and who they should contact to mitigate the impact. This includes primitive measure such as ensuring only relevant people have access to systems and data, that passwords are managed and that care is taken with sensitive data and the use of email.
- Educate and train your employees on procedures – for example, email is still a highly effective way to begin a cyber attack. Use care when opening unexpected emails and unknown attachments. Common examples include those posing as invoices, refunds or job offers. If in doubt, employees should know who to ask within the organisation (such as IT or helpdesk).
- Malware protection – establish anti-malware defences and continuously scan for malware. Whilst anti-virus is not a “catch all”, it is still highly relevant and should be kept up to date.
- Patching schedules – ensure that systems are up to date with patching schedules so that known vulnerabilities can be closed and reduce risk of attack.
- Data backup – ensure that critical data assets are routinely backed up so that, should an attack or system failure occur, data is not lost.
Attacks are becoming more sophisticated, yet the high profile ransomware attack we have seen unfold shows that cybercrime does not always need to be sophisticated to succeed. Implementing the basic security measures across the business is important and, once a baseline is established, these principles should be wrapped into a comprehensive approach to cybersecurity to further reduce risk vectors. This is where engaging with a specialist partner with a strong track record of delivering effective cybersecurity can add value and a mature, robust and relevant cybersecurity architecture can be implemented based on organisational needs.
Ransomware - a malicious program that locks a computer's files until a ransom is paid - is not new but the size of this attack by the WannaCry malware is "unprecedented", according to EU police body Europol.