The recent (and ongoing) WannaCry attack, a global cyberattack by the WannaCry ransomware cryptoworm, has targeted computers running Windows by encrypting data and demanding of users a Bitcoin ransom of several hundred dollars. To date, WannaCry, which began on May 12, 2017, has crippled at least 100,000 organizations and over 200,000 endpoints in more than 150 countries.
Scared yet? According to three members of the IBM Security team in the webinar “WannaCry Ransomware Attack – What to Do Now,” you shouldn’t be. But you should be smart and proactive.
Kevin Albano, X-Force IRIS Global Lead for Threat Intelligence, IBM Security, said that everyone, especially those with a mobile or distributed workforce, needs to ensure protections are in place as users come into their environment.
“We need to be sure we are patching,” said Albano. “There’s a script out there to identify which systems are vulnerable so we can, one, identify vulnerable systems, and two, make sure those systems are patched.”
WannaCry Ransomware Attack – What do Do Now
According to Albano and Jim Brennan, IBM Security’s Director of Strategy and Offering Management, system backups are the first and most crucial line of defense.
“Cyberattacks like WannaCry mean you’re going to have to rebuild an infected system,” said Brennan. “The sad reality is that this is how most of these things end up … requiring that you do a reimaging of the system.”
“Now, of course you want to make sure that you’ve [worked hard on] containment and network hygiene so that you’re not putting a nice, new, clean system up there just to get infected again. Ultimately, reimaging is the most likely outcome.”
The notion of reimaging a system might seem obvious to some, but Brennan empathizes the point that the smallest things can make the difference between disaster and survival.
“Sometimes we forget that the fundamentals can have the greatest impact,” he said of system reimaging, which Diana Kelley, Executive Security Advisor, IBM Security, then referred to as “an admin’s best friend — being able to ‘shoot the cow’ and start again.”
You can view “WannaCry Ransomware Attack – What to Do Now” any time by clicking on the “VIEW WEBINAR” link above. The webinar covers a lot of ground when it comes to WannaCry, including:
- What is WannaCry?
- What makes WannaCry so sophisticated?
- 5 critical steps to ensuring you and/or your organization is protected
- Security best practices
- Next steps
Understanding the IOT Explosion and its Impact on Enterprise Security