WannaCry?

by Mike Sangray, CISSP, CISA

Over the past several weeks, the news has been bombarded with details of the latest malware outbreak and the numerous organizations it effected.  The names are big.  Companies with large IT departments and large IT budgets.  How in the world can we prepare and protect ourselves against these types of attacks?

Although nothing is foolproof, there are some things any sized organization can do to protect itself.  In looking at the latest outbreak, the WannaCry ransomware circulating the world, it serves as a great example of some steps we can take now:

  • Patch Management: WannaCry takes advantage of vulnerabilities in the Microsoft Windows family of operating systems. The vulnerability that it exploits was acknowledged by Microsoft** and they issued a patch/fix for the vulnerability two months before the WannaCry virus was released.  Making sure your computers are receiving patches and that they are being applied is critical to a defense against these attacks.  Almost all software manufactures release updates on a regular basis (“patch Tuesdays” in Microsoft’s case).  These updates can be set to automatically download and apply, but we need check to make sure they are being applied and not failing for various reasons.  For organizations with multiple systems, there are various tools that allow you to monitor the patching of your computers that scale well for large organizations.  There are also cloud based service providers that will monitor your systems too.
  • Backups: WannaCry uses advance encryption technology to encrypt files it finds on your system. It then requires you to pay a ransom to receive a key code to “unlock” or “decrypt” your files to access them.  Good backups, with multiple days and months’ worth of copies, gives you the ability to recover your files if a malware such as this manages to get onto your systems.  There are many other reasons to maintain good backups, but it could be a life saver in this type of situation.  There are many backup solutions, from cloud base, to portable hard drive.  Take some time to make sure you are backing up and that the technology you are using is appropriate for your needs.
  • User Awareness: The process of cybersecurity requires vigilance. Each user on your system must understand the common risks and approaches that malware and cyber thieves use to access your systems.  Being skeptical and questioning links, attachments, or websites that something just doesn’t seem right with is critical.  Patches and virus protection software always lags the threats, so an aware user can make all the difference!  Take the time to provide some basic training and education on basic security precautions when using a computer.  There are subscription based services that provide regular content, as well as, various consulting groups that can provide training to help you build a program.

In our business climate, computer systems and the internet are critical to what we do day in and day out.  Anderson ZurMuehlen Technology Services works tirelessly to help its clients succeed in this internet based world as safely as possible.  We’d love help you keep your systems protected and to have the chance show you why we are different!

mike sangray, cyber security engineer, AZTS

Mike Sangray is a Cybersecurity Engineer with Anderson ZurMuehlen Technology Services.  With over 17 years’ experience in information technology, Mike provides a unique, personalized approach to protecting the IT assets of his clients.  msangray@aztechnoloygservices.com  406.442.1040

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.