Network Critical - The Window to your Network

Don’t it Make you WannaCry?!


It is enough to make anyone responsible for network security want to sit down and cry. What is? The WannaCry ransomware attack, of course. The attack hit 150 countries in one day. The bad news is that there will be more such attacks in the future. The WannaCry ransomware attack is the broadest such attack in history. The good news is that we are not defenseless. Here is some history, along with thoughts and precautions, about WannaCry and other malware.

By now, most of us have heard of the WannaCry attack. It is a trojan virus that encrypts all the data on the infected computer and instructs the owner to pay US$300 to decrypt the data. If the ransom is not paid in bitcoin in three days, the ransom amount doubles to US$600. After seven days all data will be deleted from the system.

So, how does the virus get into a computer? Generally the user is tricked into loading an infected file. Therefore, being cautious with your clicks is the best way to keep your files safe. According to a great security blog called Krebs on Security, here are three keys to help stay safe from this and other malicious viruses:

- If you did not go looking for it, don’t install it.
- If you installed it, update it. (WannaCry exploited a vulnerability in older systems)
- If you no longer need it, get rid of it.

These rules apply to all devices: desktops, smartphones, and tablets. Microsoft has macros turned off by default on most computers because they allow attackers to take advantage of resources that could result in running code on the system. Be very cautious of clicking on a request to “Enable Macros”. Also, regularly back up your data to a device that is not networked or connected to your computer. A current, disassociated back-up is your best defense against a ransomware attack.

With that background, we know that WannaCry exploited an old Microsoft Office vulnerability. Microsoft has since created a patch and is making it available to Windows XP, Windows 8 and Windows Server 2003. But wait, there is more…

According to an article by Bruce Schneier in Foreign Affairs, the National Security Agency (NSA) detected this flaw years ago but chose not to disclose it. Wait, what? Why on earth would they not expose a potential flaw that could cripple hundreds of thousands of computers worldwide if it got into the wrong hands? (There is an argument that being under control of the NSA constitutes being in the wrong hands, but that is a story for another day.)

The government agency had found a vulnerability and made a decision to exploit it rather than disclose it. This code, it seems, is a powerful weapon in gathering intelligence. With its own mission in mind, the agency kept news of the code quiet. Subsequently, the code was leaked and ended up in the “wrong hands”, doing substantial damage around the globe.

Schneier suggests that the US agencies would be better served by using a stream of newly discovered vulnerabilities for offensive intelligence and disclosing existing vulnerabilities to the community for defensive purposes. This idea keeps the intelligence flowing while helping improve security on systems everywhere.

The moral of this story is that cyber security is an ecosystem, not an individual responsibility. In order to stifle ubiquitous attacks on computers and systems everywhere, the entire cyber community must remain vigilant and informed. This includes IT professionals as well as non-IT users. Companies and individual users must keep patches up to date. New employees must be trained on security practices for computer and network use. Strong perimeter security must be deployed and maintained to the latest standards.

Network Critical works with many partner companies who provide innovative approaches to network performance and security. These companies provide Firewalls, Intrusion Prevention Systems, Data Loss Protection, intelligent malware detection, WAN acceleration and performance as well as many other appliances to help protect computers and networks.

TAPs and Packet Brokers provide safe and secure connectivity and visibility to these protective appliances. Connecting specialized security appliances with Network Critical’s SmartNA TAPs and SmartNA-X Packet Brokers allows companies to add new layers of security without compromising network reliability or availability.

If you don’t WannaCry about malicious viruses, review your cyber practices now. Update patches, review user training and access policy and shore up your perimeter defenses.

Posted: 21/07/2017 13:01:31 by Network Critical with 0 comments