A month after WannaCry: How do we stop the next threat?

Computer Security

It’s been almost a month since the WannaCry ransomware attacks crippled businesses and governments in more than 150 countries.

Though the attack was short-lived with a “kill switch” quickly identified, the disruption sent a clear message: As bad actors become more powerful and bold in their attacks, organizations must step up their game to stay safe online.

WannaCry caused more disruption than we have seen in quite a while because it combined next-generation threats and vulnerabilities with automation. This style of attacks – and ones aimed at specific industries – should be expected in the future.

While DXC and other experts have suggested that this threat style would be prevalent in 2017, organizations tend to be in various stages of preparedness. Patching regimes need to be reviewed. Network traffic needs to be inspected more.  Backup routines need to be strengthened, and systems that are almost stand alone should be included in IT inventory monitoring.

Dealing with these new threats requires us to look well beyond typical mechanisms to protect, detect and respond. At DXC, we are using big data and analytics to find anomalies before they grow into bigger issues, something that could work on a WannaCry-like attack that has code for built-in testing whether the user wants to run it or not. Extending this approach with the use of security mechanisms such as honeypots and black holes could also help.

Ultimately what’s needed are smaller attack domains. This can be accomplished by compartmentalizing and segregating network activity. Also, by integrating with vendors early in the process of vulnerability identification, organizations can improve their security posture. Some of this is already underway, and having a partner ecosystem that links engineering teams is critical.

In the near future, I see artificial intelligence and robotics helping the cause. These tools will draw on the combined power of (anonymized) data from multiple organizations. This type of collaboration and sharing of best practices will be essential to the fight.

As digital transformation continues across organizations, enabling seamless, instant connectivity between people, applications, devices and things, security must remain top of mind. As organizations continue to invest in proven security technologies and grow their security awareness, our information assets have a fighting chance.

Take this self-assessment to see if your organization is ready for the next attack.


Chris Moyer is chief technology officer for Security at DXC Technology. He has spent more than 25 years building business and technology solutions for clients in several industries across multiple geographies. In previous roles, he has led solutioning, transformation projects and delivery assurance. He is also a member of the Institute of Electrical and Electronics Engineers. Connect with him on Twitter and LinkedIn.

 

RELATED LINKS

Lessons learned from the WannaCry ransomware attacks

Business leaders still disconnected from cyber risks

Managing enterprise risk in a connected world

Trackbacks

  1. […] man auch in Zukunft gefasst sein“, schrieb Chris Moyer, CTO bei DXC Technology unlängst in einem Blog-Eintrag auf DXC und BVEx. Wie der aktuelle Petya-Angriff zeigt, sollte er leider Recht behalten. Wieder ist […]

    Like

  2. […] A month after WannaCry: How do we stop the next threat? […]

    Like

  3. […] Dieser Artikel erschien im Original im Juni 2017 bei DXC Technology. […]

    Like

  4. […] May 2017, WannaCry hit more than 200,000 computers in 150 countries, taking hostage computers belonging to banks, […]

    Like

  5. […] A month after WannaCry: How do we stop the next threat? […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: