When it comes to Ransomware, the best offense is a good defense
By Brett Hansen, Executive Director, Client Security, Dell
The need for cybersecurity awareness and preparedness is once again top of mind as companies across the globe are reeling after the WannaCry ransomware attack last month, and now the NotPetya ransomware attack just last week (also referred to as Petya or Goldeneye). We have been speaking to numerous customers since the attacks and all are trying to understand what more they can be doing to protect themselves. Unfortunately, malware variants like ransomware are not going to disappear anytime soon. In fact, according to the US Department of Justice, 4,000 ransomware attacks happen daily, which adds up to 1,460,000 attacks a year, millions of dollars on the line and numerous amounts of your data that could potentially be compromised.
In cybersecurity, the best offense is a good defense. Threats evolve quickly and it is imperative that organizations implement a multi-faceted security approach that can effectively stop evolving threats. While there is no silver bullet for complete endpoint and data security protection, there are many solutions available today that can significantly help protect against threats and keep critical data secure.
The most important solution that organizations need to consider is an advanced threat prevention solution to identify malicious threats and stop them before they can run. There are many solutions available today, but they’re not all created equal. Many traditional anti-virus solutions are based on legacy technology – and legacy threats – of 20 years ago when the number of malware variants were measured in the thousands per year, not hundreds of thousands per day. Signature-based anti-virus solutions have had a declining efficacy for years precisely because they can’t keep up with the multitude of variants out there, and nor can they effectively protect against advanced threats such as zero day attacks.
An advanced threat prevention solution is only one step. In our blog post about the WannaCry issue last month, we talked about the need to keep the software that you have in place updated and deploy all patches promptly. This is how the WannaCry attack occurred and became so widespread – the worm took advantage of a vulnerability in older versions of Windows, and the attackers bet that many organizations had not deployed the patch that was provided a few months prior. NotPetya is different in that it used more than one way to infiltrate systems and propagate itself, but one of the ways that it spread was through this same vulnerability. This demonstrates that known vulnerabilities will continue to be exploited because many organizations do not deploy patches in a timely manner –something that we’ll explore in greater detail in a future post.
If you are interested in learning more about ransomware, please read The Real Cost of Ransomware by Jim Shook of the Dell EMC Protection Group and Ransomware and What You Can Do To Help Protect Your Data by Alan Daines, Chief Information Security Officer at Dell.
Two blogs worth reading from security organizations under the Dell Technologies umbrella are In the Aftermath of the “NotPetya” Attack by Mike Cote of Secureworks, and What Your Business Can Learn About WannaCry by Rohit Ghai of RSA.