Regarding Wannacry Global Cyber-Attack
Abacode CEO Michael Ferris was at his London office when the news broke regarding the ‘WannaCry’ ransomware attack that hit over 100 countries across the globe. In particular, an estimated 40 National Health Services (NHS) hospitals throughout the United Kingdom were affected. During the attack, head correspondent Gamal Fahnbulleh at Sky News studios contacted Mr. Ferris for comment.
As a Managed Security Services Provider (MSSP), Abacode provides many cybersecurity services to help protect and train companies how to guard against such attacks. They employ a cyber S.M.A.R.TTM approach:
- Self-Governance (Policy & Procedure Consulting)
- Managed Network Surveillance (SOC / SIEM / IDS)
- Assessments & Penetration Tests
- Remediation & Investigation Preparation
- Training & AwarenessLike other forms of malware, ransomware is commonly spread through phishing attempts, legitimate looking emails that prompt the user to click a link and unknowingly download malicious data. A user could be either an employee or vendor with access to a company’s network, such as in the Target breach of 2013 where attackers targeted an HVAC vendor. If a company has not kept their systems updated with recent security patches, or if the malware targets what is known as a “zero day” (a previously unknown vulnerability), the malware encrypts all available data until a ransom is paid. So that begs the question, “How can a company protect against ransomware like WannaCry?”
To guard against ransomware, Abacode recommends the following cybersecurity steps:
1. System update compliance – In a large organization, it can be hard to ensure all users are updating their systems if left to their own devices. When new updates for operating systems (OS) are available, they often contain fixes for recently identified system
vulnerabilities; WannaCry targeted a windows vulnerability that Microsoft released a patch for in March. IT departments should have policies and procedures in place to force system updates as they are released and ensure all users are complying with company cybersecurity regulations. Additionally, companies need to verify their chosen OS is still supported by Microsoft or Apple to receive updates and migrate to a new OS as needed. For example, Windows Server 2003, Windows Vista, and Windows XP are no longer supported for routine updates.
- Data backups – Companies should continuously back up their data, and test system restores regularly, to ensure their information is protected and available. Ransomware’s effectiveness lies in is its ability to deny a company access to their data unless a ransom is paid. With data backups in place, a company can simply restore their information to a previous point in time with minimal losses. This security practice can also protect vital data in the event of a disaster such as a fire.
- 24/7 Cybersecurity Monitoring – All companies should employ a 24/7 cybersecurity monitoring and remediation (SIEM & SOC) service to provide continuous surveillance of their network traffic. Having eyes on events in real time allows for immediate notification and remediation. “As an MSSP, our goal is to provide strategic and holistic solutions to our clients. To mitigate the ongoing cyber-threats and attacks, businesses must start separating cybersecurity from all other IT services,” said Mr. Ferris. “Your in-house IT staff and/or outsourced IT firm can initiate these cybersecurity measures but they should not be the ones performing all of the work”.
- Employee training – According to the UK’s Information Commissioner’s Office 2015, human error accounts for almost 2/3 of cybersecurity incidents. Users can be trained to identify suspicious emails, avoid malicious websites, and verify the publisher of software before downloading it, among others. Training is recommended to take place yearly at a minimum, and many companies have begun testing their own employees with internal phishing programs.
Abacode collaborates, daily, with all vendors and partners in the IT ecosystem but is focused purely on cybersecurity services. This allows the firm to work cohesively with data centers, managed service providers, outsourced IT Firms, VAR’s, cloud companies, and other information technology providers.
“Because we are solely dedicated to providing cybersecurity services, it allows us to work very well with our clients and their other trusted IT partners. Our goal is to provide the proper corporate cybersecurity governance from both a business and technical standpoint, and in doing so, this ensures the correct checks and balances are in place from the top down,” Mr. Ferris commented.
As an MSSP, Abacode is committed to addressing every aspect of the cyber-threat landscape for businesses throughout the world. Abacode executives include global thought leaders and industry experts in ethical hacking, cyber-crimes and corporate governance which provides businesses with solutions and guidance before attacks become disruptions and financial hardships.
For more information, visit www.abacode.com or call (866) 596-9020.