Don’t Let History Repeat Itself
Those who don’t learn from the past are sure to repeat it. As we enter August, it’s a perfect time to reflect on lessons learned from the biggest global security threats of the summer.
There are vital security protections that organizations should have in place to reduce risk and protect against the next disaster. After experiencing this summer’s storm of events, it’s important to evaluate your patch strategy and ensure the safety of your company.
The WannaCry attack in May affected computers in 12 countries, including the NHS. In June, a South Korean hosting company paid out $1 Million USD in bitcoin, the largest sum ever, after being infected by the Erebus malware. Most recently, the NotPetya ransomware was spread via forced automatic updates, affecting global businesses.
Below are tips to ensure your organization doesn’t become an IT security cautionary tale this summer.
1. Don’t Count on a Kill Switch
Before the kill switch to WannaCry was discovered by accident, it had already infected tens of thousands of computers across the world, shutting down vital systems used by the NHS in the UK.
Don’t rely on a kill switch to save the day in future attacks though, most ransomware doesn’t have this capability. New variants of WannaCry are still being released that ignore the kill switch.
WannaCry exploits a weakness in the Microsoft Operating Systems that were originally identified by the NSA. Microsoft patched these weaknesses in March 2017 and tools like Cloud Management Suite, Windows Update or other patching solutions should be already protected by deploying MS17-010.
2. Don’t Count on Auto Updates
A set it and forget it mentality to IT security is appealing, however, it rarely works out in the IT manager’s favor. NotPetya has highlighted the danger of relying on auto updates to secure your operating systems and third party applications. Security experts say accounting program provider MeDoc was breached and the NotPetya ransomware was spread via forced automatic updates. The attack has so far been detected in Poland, Italy, Germany, France, the US, the UK, Russia, and Ukraine.
Cloud Management Suite has always recommended disabling auto updates in apps and OS to allow you to properly test, pilot and control distribution of updates.
3. Patch in a Timely Manner
Patch management should never be delayed. The vast majority of security events are attack vulnerabilities that have already been addressed. In the case of WannaCry, Microsoft had released an update that addressed the vulnerability two months prior to the worldwide attack.
By putting off patching, you leave your environment completely vulnerable to exploits and ransomware. Always be prepared for doomsday by patching consistently and efficiently.
Start a free, 14-day trial of Cloud Management Suite, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.