What Can We Learn From the Recent Ransomware Attack?
Last Friday, a devastating wave of ransomware known as #WannCrypt or #WannaCry spread to over 200 countries. In terms of a number of infections, the country that got hit the hardest was Russia. The United Kingdom, Spain and other countries saw damage to their National Health Service. Hospitals had to unplug their computers to stop the malware from spreading to important information.
The United States, even though affected mildly by this attack, should feel quite lucky compared to other countries. Why? The intentions behind these attacks and who they were targeting are still unknown. Choosing not to target many U.S systems for some reason we are not really sure. Another reason is that most users in the United States have the most recent Windows operating system, while other countries user is in previous versions. This seems like a win for the United States, right? No, on the contrary, we need to look at this as a warning stage for something more malicious in the near future.
The biggest lesson to all of us is that the next major cyber attack might be just around the corner. Cybersecurity should not be politicized and politics has nothing to do with this cybersecurity. Government officials and business entities have everything to gain, in terms of public safety and promoting better cybersecurity. Recent events have put a spotlight on cybersecurity and how important to strengthen our security really is.
Protecting all your data, systems, and networks from all forms of malicious activities are not going to happen. We have to realize what assets are most important for us to defend. Data audit is an important step towards improving your cybersecurity. Do you need to ask questions, what data is critical to your company? What data do we need to store? What data should be accessible all the time and which data should just have limited access? And etc.
Cybersecurity teams should be held accountable to ensure compliance with the fundamental standards for information security. If the compliance is imperfect than the attacker probably already knows where the weakness is. It is critical to maintaining resilience in the face of cyberattacks that target top priorities.
We all should have a strategic communication plan in our companies. Do not wait until you are in the midst of a cyberattack to brainstorm all the key points with your board, shareholders, and clients. Do some research on how companies have managed or failed to manage their communication strategies against cyberattacks.
Our government officials can also help themselves by spending some time to educate themselves about the cyber threats. Private and public sector executives have to develop some contacts, gather insights, and improve their instincts on cybersecurity to stay ahead of the curve. One way is having set products that could help you see attacks coming and organize them, in a way that helps you save time and money. One of such platforms is Security Orchestration Automation Response(SOAR) and its leader CyberSponse.
CyberSponse Inc., a global leader in cybersecurity automation and orchestration, helps accelerate an organization’s processes, security operations teams and incident responders. The CyberSponse platform enables organizations to seamlessly integrate, automate and playbook their security tool stack, enabling better, faster and more effective security operations. With a global presence, offering an enterprise platform, CyberSponse enables organizations to secure their security operations teams and environments. For more information, visit www.CyberSponse.com.
For more on Incident Response and how to use playbooks in your organization please check out our other website: IncidentResponse.com.