As businesses pick themselves up after the WannaCry attack it is clear that security threats are not going away. Mark Cattini, CEO and president of Autotask examines what can you do to ensure your organisation stays safe
The world recently witnessed the WannaCry ransomware attack. This threat is a wake-up call to everyone that the danger of cybercrime is exponential. While we need to be ready to see global attacks of this nature increase, the technology that is required to combat these hazards exists now. From vulnerability detection and anti-virus, device and network monitoring, to management tools and data back-up, businesses remain in a never-ending battle to stay current as these threats become more complex. The key is to combine modern technology solutions, both preventative and reactive, so that protecting critical information systems and data is easily implemented and managed.
Estimates put the number of countries affected by the WannaCry strain of ransomware at more than 100, with Russia’s Interior Ministry and the UK National Health Service being seriously affected. Effective security tactics rely on two core concepts: a focus on avoiding exposure, and then forcefully responding and defeating the threat when it happens. The key term here is ‘when’, because new strains of ransomware will always be developed to exploit newly-discovered bugs.
“Businesses remain in a never-ending battle to stay current”
But how are you supposed to plan for a ransomware attack? The immediate priority should be to formulate and then implement a resolution so that the impact is minimal. With a single PC, this could be isolating the device from the network to inhibit the infection from spreading, followed by wiping the machine, re-imaging, and then restoring the files and folders.
For a large organisation, this may involve taking numerous machines offline to immediately reduce the risk of the virus spreading, identifying, and resolving any potential problem endpoints, followed by performing an audit and taking action to ensure that every portion of the system is patched and protected.
The success of responding to and being prepared for an attack depends on controlling the situation. First, be sure to have a continuous approach to patch management, using an RMM solution to automate delivery of the latest operating system on all devices. You then must utilise web filtering solutions that protect users visiting malicious sites. Deploy a continuously updated and current anti-virus solution to all managed desktops, laptops, tablets, and mobile devices. In addition, adopt other security solutions based on your needs and inform your team on behavioural best practices. Lastly, implement a backup and recovery solution with an enterprise-grade file sync and share (FSS) solution which can be used to help quickly recover from an attack.
While the number of victims targeted across the globe continues to grow and ransomware becomes more sophisticated, there are ways to fight back. Stay updated, informed and aware, and your organisation can avoid becoming the next victim of cybercrime.
PCR’s Sector Spotlight on Security – in association with BullGuard – is running throughout September 2017 – click here for more articles