WannaCry, a global cyberattack by the WannaCry ransomware cryptoworm, has crippled at least 100,000 organizations and over 200,000 endpoints in more than 150 countries. It targets computers running Windows by encrypting data and demands a Bitcoin ransom of several hundred dollars.
Scared yet? According to three members of the IBM Security team in the webinar “WannaCry Ransomware Attack – What to Do Now,” you shouldn’t be. But you should be smart and proactive.
Kevin Albano, X-Force IRIS Global Lead for Threat Intelligence, IBM Security, said organizations, especially those with a mobile or distributed workforce, need to ensure ample protections are in place to ensure continuous system integrity. An important piece of this protection is patching, which involves the regular application of software, also known as “patches” or sometimes “bug fixes.” These pieces of software update a computer program or its supporting data — to fix or improve it, or “patch” a flaw in the code that a hacker might exploit.
“Companies need to make sure their IT departments are keeping their systems in shape,” said Albano. “Companies can use a script to identify which systems are vulnerable, and then make sure those systems are being patched on a regular basis.”
According to Albano and Jim Brennan, IBM Security’s Director of Strategy and Offering Management, system reimaging, which involves rebuilding a system drive with the exact content contained in a recently “grabbed” disk image — a kind of facsimile of the hard drive — is the first and most crucial line of defense.
“Cyberattacks like WannaCry mean you’re going to have to rebuild an infected system,” said Brennan. “The sad reality is that this is how most of these things end up … requiring that you do a reimaging of the system.”
“Of course, you want to make sure that you’ve [worked hard on] containment and network hygiene so that you’re not putting a nice, new, clean system up there just to get infected again.”
The notion of reimaging a system might seem obvious to some, but Brennan empathizes the point that the smallest things can make the difference between disaster and survival.
“Sometimes we forget that the fundamentals can have the greatest impact,” he said of system reimaging, which Diana Kelley, Executive Security Advisor, IBM Security, then referred to as “an admin’s best friend — being able to ‘shoot the cow’ and start again.”
You can view “WannaCry Ransomware Attack – What to Do Now” any time by clicking on the “VIEW WEBINAR” link above. The webinar covers a lot of ground when it comes to WannaCry, including:
- What is WannaCry?
- What makes WannaCry so sophisticated?
- 5 critical steps to ensuring you and/or your organization is protected
- Security best practices
- Next steps