“I don’t know who you are. I don’t know what you want. If you are looking for ransom, I can tell you I don’t have money. But what I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you.” – Liam Neeson, Taken, 2008
The last few months have seen two serious and destructive “ransomware” attacks that significantly affected the operations of several major organizations worldwide. May’s “Wannacry” and June’s “NotPetya” attack affected millions of staff and caused significant damage – as was their intention.
Ransomware costs for 2017 are estimated in the billions, with a “B”. Not to mention the danger posed by critical systems being down at organizations such as health systems and nuclear power plants.
The attacks are becoming more frequent and more sophisticated with each incident. We will never be able to stop the criminals from striking, so it is imperative that we use all the skills at our disposal to thwart them. What can we do?
Vigilance is key. Both of the recent attacks could have largely been mitigated by a patch provided by Microsoft in March, two months before the first attack. Unfortunately, several of the victims either simply didn’t apply the patch, or were using outdated/unsupported products that did not allow for this to occur. It can be expensive to keep systems up to date, but the cost of not doing so can be astronomical.
As much as we do to keep our technology up to date, every organization has one weak point that cannot ever be fully controlled – people. Human error is a major factor in allowing these attacks to propagate themselves. Train your people to always be on the defensive and follow best practices.
While we work to prevent the threat of an attack, it is also imperative to have a plan in place of what to do in the event the disaster strikes.
Being hit with a ransomware attack is a worst-case scenario, but one that can be avoided with proper planning and training. Contact the BC in the Cloud team to learn more about how we can help you learn the skills to prepare for attack.
Reach out for a no obligation, initial conversation.