WannaCry, Petya And All That Is Wrong With The Cybersecurity Ecosystem

No excuses. Don't even try to act shocked, or tell me you didn't know this could happen.

In May 2017, the WannaCry ransomware spread viciously across the worldwide web, affecting more than 300,000 PCs across the globe. And then again on June 18th, 64 countries and more than 2,000 victims fell prey to Petya, which exploited the very same security flaw as WannaCry.

Both attacks could have been avoided by using less than a handful of common best practices.

Pardon my French, but why the hell are organizations still not patching their systems in 2017!?

With patch management systems, vulnerability scanners, and threat intelligence, why are we still falling into the same trap?

I mean, there are so many good (and not so good) cybersecurity vendors out there, and the technology that is supposed to safeguard us from an attack is sound! Don’t get me wrong, there are no silver bullets, but you can certainly make it hard enough for the bad guys to deter them from even trying!

My professional network is filled with talented cybersecurity practitioners who work at some of the very best technology vendors out there, which is why I’m puzzled when these sorts of things happen. Putting nation-state attacks aside, these types of campaigns should just not exist in 2017.

So, tell me, what was your excuse?

I've deduced that it is one of the following reasons: either the companies that got hit were ignorant, or they lacked the resources needed to act upon this threat, or both.

There is a sigh of relief here, in my little rant. What you need now is a plan of action.

For the full post, recommendations and threat intelligence reports on both WannaCry and Petya, check out our blog.

Elad Ben Meir

CEO, Founder, Seed Investor.

7 years ago

Nir Krakowski thanks for the feedback. I get the problem with production systems and yet, businesses need to prioritize and map their assets/assign a risk to them. Once that is done, it will be easier to decide what must be patched and what isn't a must. There are also other solutions as well, like EDR solutions and IDS/IPS with the right signature (based on TI, etc.)

Nir Krakowski

CTO at Deepdub.ai - creating global audiences

7 years ago

The problem is with production systems that weren't built for rapid development and deployment. It's an inherent flaw in the design, not allowing upgrades to the system. A lot of equipment where the OS is just a basic platform, but still leaves a lot of open holes.
