WannaCry ransomware or WannaCrypt—as it is also known—which occurred in May this year targeted computers running Windows operating systems by encrypting data and demanding ransom in bitcoin cryptography.
This was one of the most devastating security attacks in recent times, which has extensively crippled banks, law enforcement agencies and critical infrastructure disrupting citizen services in dozens of countries around the world. Although WannaCry ransomware was contained, it caused extensive damage and this experience should serve as a wake-up call for the industry to take stock of security practices.
WannaCry spread by exploiting a vulnerability in Windows Server Message Block protocol. A security researcher in the UK discovered an accidental kill switch by registering a domain name he found in the code of the ransomware, effectively halting the spread of the attack.
But security attacks like WannaCry is not a one-off incident and can strike again. Microsoft had issued a patch earlier to safeguard against this vulnerability along with a critical advisory but very few organizations had applied it, leaving themselves vulnerable for the attack.
WannCry spread because the patches were released for currently supported systems, but the vulnerability has been present in all versions of Windows dating back to Windows XP. For these older systems – no longer supported by Microsoft but still widely used – the patches were not available.
Organizations must ensure that they update patches timely and regularly. But the big question is whether organizations are vigilant and disciplined enough to do so. Do organizations implement rigorous security practices to build security defences and effectively ward off security attacks. Are organizations adopting proactive monitoring of the systems; deploying additional security layers and taking regular backup of systems?
Umbrella Infocare offers comprehensive managed services in which ensuring organizational security is a key deliverable. None of our customers were affected by WaanCry because we had followed stringent security practices including regular updates of security patches.
Importantly, if any of our customers were affected, our 24×7 support service will jump to defend the customer and ensure that damages are minimal. Besides we follow rigorous security practices that includes strict identity-based access mechanisms and open only ports that are required. We practice server hardening processes allowing only those features necessary for organizational usage and eliminating unnecessary risks.
We deploy additional security layers which includes host-based firewall, email security systems, IDS / IPS system, etc. Our managed services follow the principle of proactive monitoring wherein we closely monitor systems and are able to detect variations in patterns or unusual practices and take measures to prevent an attack. We follow external influences and vulnerability trends and take proactive measures to defend our customers.
Organizational security is a highly specialized area and require constant monitoring and engagement. It requires tweaking, optimization and ensuring continuous compliance, all of which is time consuming and resource-intensive. We at Umbrella believe in delivering managed services which is secure, compliant and reliable. This is our business and it makes sense for us to invest in security best practices, resources and skill sets aimed at helping our clients, so they can focus on achieving their business objectives.