WannaCrypt Ransomware Update – Are you protected?
Starting the United Kingdom and Spain, the malicious “WannaCrypt” software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin. WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year.
The WannaCrypt ransomware encrypts all local and shared files that the user can access and removes copies to make data recovery more difficult. This attack is also able to automatically spread across networks without user intervention. The first incidents started to be reported at 10:00 GMT 12/05/2017, within UK NHS organisations, and in a matter of hours, over 130,000 computers in 150 countries were infected, demanding ransom payments in the cryptocurrency Bitcoin in 28 languages.
The WannaCrypt attack is using a vulnerability knowns as ETERNALBLUE that was fixed in a March 2017 Security Update (MS17-010 SMBv1). Computers running older version of Windows and without this update installed can easily be affected by this threat.
As infrastructure security specialists, Click Enterprise have the first responsibility to address these issues with our clients. This attack demonstrates the degree to which cybersecurity has become a shared responsibility between managed services providers and customers. The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they are literally fighting the problems of the present with tools from the past. This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it is something every top executive should support.
Click have a clear understanding of the complexity and diversity of today’s IT infrastructure, and how updates can be a formidable practical challenge for many customers.
At Click Enterprise, we recommend that our customers:
- Have a patch management policy in place and update all computers and programmes; not just Microsoft software and applications
- Keep anti-malware and anti-virus software up-to-date
- Apply security best practices provided by the vendor
- Upgrade computers to the latest version of Windows 10
We should learn from this recent attack and instil a sense of renewed determination for more urgent collective action. We need to work together to protect against cybersecurity attacks. More action is needed, and it is needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us.
Patch management is about keeping software on computers and network devices up to date and capable of resisting low-level cyber-attacks.
Any software is prone to technical vulnerabilities. Once discovered and shared publicly, vulnerabilities can rapidly be exploited by cyber criminals. Hackers can take advantage of known vulnerabilities in operating systems (OS) and third-party applications if they are not properly patched or updated.
According to leading patch management vendors only 14% of patches apply to Microsoft technologies. The remainder are attributed to other technologies installed on computers, such as from Adobe, Apple, Oracle.
Click Enterprise can work with you to:
- Design and implement a clear security policy
- Help you define your strategy for managing patches/ upgrades for software applications and technologies. A patch management plan can help a business or organisation handle these changes efficiently
- Help you to implement your patch management strategy using known solutions such as Windows Server Update Services (WSUS) and System Center Configuration Manager (SCCM), SolarWinds, HEAT Software and Flexera
- Help you to analyse your patch management compliance reports and remediate any necessary work
- Automate the above process and report back to your senior stakeholders to demonstrate the action taken
Windows 10 Update
Windows 10 includes many new features to help IT staff be more productive and enable them to help drive digital transformation in their organisation. It provides IT professionals with advanced protection against modern security threats and comprehensive management and control over devices and apps, as well as flexible deployment, update, and support options.
Given its sheer scale and complexity, migrating to Windows 10 has the potential to be the most painful, costly and time-sensitive IT project for many organisations. There is an undeniable impact on the network, and striking the right balance between a successful and fast migration and not disrupting the flow of business data, yet ensuring that the right software applications are installed, are key considerations that IT departments have to take when planning and executing their migration.
According to Gartner, companies are typically looking at a two-year project for Windows 10 migrations. That is a long time! There will have been four Feature Updates, 24 Quality Updates, six Configuration Manager updates and plenty of application security updates in that time.
Click Enterprise can:
- Help you to define your strategy for upgrading to Windows 10 as well as keep it secure
- Help you to implement and maintain a Windows 10 delivery optimization using known solutions such as System Center Configuration Manager (SCCM), Microsoft Deployment Toolkit (MDT)
- Help you to analyse your operating system deployment compliance reports and remediate any necessary work