The WannaCry Ransomware Attack: 5 Things IT Pros Can Learn

Simple steps to protect your organization from future variants.

May 21, 2017 • Published by

Don’t miss important lessons from the WannaCry ransomware attack.

Last week was a rough one in the IT world, as organizations around the globe scrambled to avoid being caught up in the WannaCry ransomware attack.

If your organization was spared this round, it doesn’t mean you should pat yourself on the back and move on, business as usual. Fact is, most organizations aren’t at a state of security maturity that affords them this level of comfort.

Ensure that you’ve mastered the basics.

Sometimes the most fundamental IT security activities are overlooked. The healthcare industry is especially vulnerable to this happening, and we saw that with the WannaCry ransomware attack.  

But it’s not just healthcare that can learn lessons in these situations, so here is my list of 5 things any IT professional can learn from the WannaCry ransomware attack:

  1. Data backups are business critical (ensure they’re conducted frequently and tested to validate that the recovery process works).
  2. Traditional anti-virus is not sufficient for stopping these types of attacks. In other words, you must layer up.
  3. Patches need to be current, so make sure you have a program in place for ensuring that patches are implemented in a timely manner.
  4. Old, unsupported operating systems are hacker magnets. Get the organization off them—like yesterday!
  5. Ransomware almost always enters the organization through a successful phishing email. Educate, educate, educate your employees not to open something if it is questionable or it comes from an unknown source.

Again, these are basic security practices, but it’s obvious many organizations don’t have them in place. If they did, the WannaCry ransomware attack wouldn’t have been anywhere near as successful.

Understand defense in depth.

There is no one thing any organization can do to completely protect itself from data thieves, so it’s very important to understand how defense in depth works and then implement it accordingly.

As I noted above, traditional anti-virus software will not detect today’s sophisticated ransomware. If your organization has not yet layered up in this area, I highly recommend viewing the following webinar to learn more about advanced endpoint security: