Wednesday, June 28, 2017

The Latest Wake Up Call: Is Your Data Protected Against Ransomware?

By: Stephen Nowicki   Categories:Security

The Latest Wake Up Call: Is Your Data Protected Against Ransomware?

Today, news broke of new threat called "Petya" , the latest in a disturbing trend of ransomware attacks worldwide. It is becoming one of the top types of Malware and the sophistication of these types of attacks are ever increasing.  These latest global attacks, including the recent “WannaCry” attack are examples of the sophistication of these threats  This Ransomware was combined with a worm-like behaviour that aided the spread of the malware based upon OS vulnerabilities.      

Many experts predict that the sophistication and extent of these types of attacks are only going to increase – which challenges all IT organizations.

I discussed in May how Enterprises can leverage backups as an insurance against Ransomware.
 
However, backups form a way to recover from a successful exploit only.  The time and cost, along with the risk of having devices infected in the first place should be avoided, if possible.

Looking at the “WannaCry” malware, experts understood that the quick spread of the malware was aided by a known Windows vulnerability that Microsoft published a patch on March 14, 2017.  So why were so many machines in so many countries affected.  This points to the ever present challenge of patch management and ensuring that all your corporate devices that access or have sensitive data on them are regularly patched.  There are tools that can help manage these onerous tasks and report on status anytime.

Enterprises cannot rely on end user education only to protect devices.  

Many customers also ask, what else can I do?  

Here are some considerations:

1) Sandboxing  – helps against zero day (as yet unknown) threats.

2) Anti-Malware – software solutions that leverage various technologies, including machine learning to assist in protecting devices.

3) Mobile Device Management (MDM) – solutions to ensure devices are properly protected.

4) Properly manage data access and share rights.

5) Database Security software/appliances

Finally, talk to a security partner who can help with a risk assessment and putting together best of breed solutions to help reduce the risk.

Stephen Nowicki
Network Practice Lead, Sentia

Tags: Ransomware wannacry security cyber security petya attack ransomware attack cyber threat
SNowicki
SNowicki

Stephen Nowicki

Stephen Nowicki has over 20 years’ experience in IT with a focus on Networking.

Other posts by Stephen Nowicki
Contact author Full biography

Full biography

Stephen Nowicki has over 20 years’ experience in IT with a focus on Networking. He is Sentia’s Network Practice Lead and Technical Leader focused on helping customers achieve business goals. He has been a trusted advisor to many large and medium enterprises across business verticals including financial, manufacturing, health care, high-tech and media.

x

Contact author

x

CategoryID: