“Back to Basics” – How following best practice can stop ransomware in its tracks

By Dave Nicholson, Technical Sales Consultant, Axial Systems.

  • 6 years ago Posted in
The recent Petya global cyber-attack is the second major global outbreak of ransomware in two months following the WannaCry attack in May. The publicity generated in the wake of these incidents should sound a warning bell to organisations worldwide.  But the signs have been there for some time.  Last year, ransomware attacks grew at a blistering pace. In total, SonicWall reports 638 million were attempted in 2016more than 167 times the corresponding figure for the previous year.
 
These attacks bring into sharp focus is the need for organisations to ensure - as an absolute priority - that they are adopting best practice approaches. Many organisations simply are not doing this as a matter of course and that’s why these attacks have the potential to be so damaging.
 
It’s understandable that the media focuses on how these attacks impact the public sector. After all, its key that hospital and utilities in particular, remain up and running at all times. Our health and safety depend on it. That’s why it was so worrying that the NHS was so badly affected by WannaCry. It was another painful reminder not only that security should be high up the list of priorities for all organisations but also that following best practices is always an imperative. 
 
The kind of ransomware seen in these attacks is not especially new or sophisticated. It is typically not a case of a bunch of rocket scientists getting together to create the latest, greatest piece of code. These are essentially ‘spy and pry’ approaches that exploit known vulnerabilities. What is undeniable however, is that however rudimentary the approach, it paid off and a lot of organisations got hit – some badly.
 
We are clearly seeing an increased risk of compromise across a wide range of sectors. Why is that? Well much of it is down to a failure to take the necessary precautions. Often, patches have been sent but hard-pressed organisations simply do have the time or resources to implement them in a timely manner. The perpetrators know that there are enough unpatched systems out there in the marketplace that if they send out sufficient malware they are almost certain to be able to compromise multiple systems.
 
So, from our perspective the advice to organisations needs to be: ‘above all else, get the basics right: make sure you are bringing patches up to date, update your antivirus software, limit network access and limit user privileges’. It might seem like common sense but organisations that do all that stand a much better chance of avoiding becoming a victim of the next attack.
By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.