Five years ago, the security world was rocked by one of the most sudden and widespread ransomware outbreaks in history. Even now, organisations are still recovering from the damage done by WannaCry, and its shadow still looms large over the industry.
While ransomware has remained a major threat for organisations over the last half-decade, we haven’t seen anything as globally impactful as WannaCry since then - so what (if anything) has the industry learned from the incident, and are we likely to see anything on a similar scale again? IEEE senior member and professor of cybersecurity at Ulster University Kevin Curran joins us this week to talk about the legacy of WannaCry.
Highlights
“First of all, you have to know your assets and what you're protecting, and then have the multi-factor authentication in, but you have to make sure that all your systems are patched and fully up to date. And then you want to have anti-malware, anti-spyware, you want to have real time analysis of the networks… Then you’ve got to train your workforce to be able to recognise social engineering attacks.”
“[Attackers] don't want to be too successful. We found that with the some of the larger attacks, the Colonial Pipeline [attack] against the United States, and the Irish hospital system, which was brought to its knees, so you don’t want to be too successful, because then the authorities will come after you as well.”
“One of the recommendations is, of course, you have automated patch management of your operating system, of your environments, and also of your software. As such, there are tools which can try to, and that do actually take snapshots of your systems, and can restore them… There's companies which specialise in that, whenever you're attacked, that they'll get your system up and running.”
Read the full transcript here.
Footnotes
- The IT Pro Podcast: Should companies spy on their employees?
- A month in the life of a social engineer – part one
- Crypto.com confirms $34 million hack caused by 2FA bypass exploit
- Colonial Pipeline CEO confirms $4.4 million payment to DarkSide hackers
- What is WannaCry?
- WannaCry showed the world how not to write ransomware
- Over two-thirds of companies still run software with WannaCry flaw
- WannaCry's ghost is still wreaking havoc five years on
- Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries
- Irish Health Service hit by ransomware attack
- Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft's August Patch Tuesday
- Visa pins end-of-week outage on 'hardware failure'
Subscribe
-
The new era of cyber threatsITPro Podcast With AI-powered attacks and state-backed groups, security teams face face a new wave of sophisticated threats
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Supply chain scares and Google’s AI codeITPro Podcast As the ransomware attack on Blue Yonder disrupts a wide range of firms, Google moves to lead by example on internal AI code
-
Halloween special: Cybersecurity horror storiesPodcast Join us for three terrifying tales sure to chill any IT professional to the core
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
Securing your business with education and trainingITPro Podcast Keeping your workforce updated on the latest threats requires a cohesive cyber skills strategy
-
Cracking open insider threatsITPro Podcast Leaders need to perform strict identity measures on would-be hires – and ensure employees who leave have access promptly removed
