WannaCry Ransomware attack: How it spread and how it could be avoided
In the days to follow, the cyber-attack had hit more than 100 countries around the world. Chinese petrol stations payment systems were brought down, and a large number of colleges and students in China were affected by the attack. In the US, the global shipping company FedEx’s logistical operations were disrupted.
May 14th - The European police agency Europol warned that the situation could worsen when workers return to their offices on Monday after the weekend. However, the agency claimed today to have avoided further fallout from a global cyber-attack. “The number of victims appears not to have gone up, and so far the situation seems stable in Europe, which is a success,” senior spokesman for Europol, Jan Op Gen Oorth told AFP.
How could this cyber-attack be avoided?
Patch updates. The best defence against such ransomware cyber-attacks is to ensure patch updates are regularly applied with appropriate priority to systems hosting critical data. “The challenge is to prioritise the patch update process and the systems needing the patch based on criticality of data and services. This is where decision support systems such as RHEA Group’s PSec solution come in,” said Douglas Wiemer, RHEA Group’s Director, Security and Crisis Management.
Security awareness training. The cyber-attack started with a simple phishing email and could have been avoided with the right cybersecurity training. “Employees need to be aware of the threat environment and their role in avoiding and reacting to cyber-attacks. This is an important part of the cyber defence strategy, and it is often underestimated,” said Gerry Deneault, RHEA Inc’s Vice President, Business Development.
Data protection. Having proper data protection measures, such a comprehensive backup strategy is important to mitigate the risk associated to ransomware attacks. Proper backups ensure that critical data is available and can be restored, independent of the cyber-attacker demands. Paying the ransom should always be avoided as there are no guarantees the cyber-attacker will release the data even if the ransom is paid.
Incident response plans. In case such an incident would occur, companies need to have an effective incident management process in place in order to minimize its business impact. “If affected, step one would be to disconnect your computer from the network instantly, to avoid further propagation of the attack,” said Vincent Van Dongen, RHEA Group’s Business Developer, Cybersecurity.
EVOLVING SECURITY SOLUTIONS
RHEA Group has developed a security method to secure the most advanced, complex organizations and critical infrastructure. Discover the four packages of our revolutionary security solution.