The WannaCry ransomware attack spread so quickly and has been so disruptive that IT departments can’t get enough information about what caused it, how it can be remediated and what can be done to protect their organizations from similar threats. This thirst for insights, explanations and best practices was evident during the Q&A portion of our recent webcast “How to Rapidly Identify Assets at Risk to WannaCry Ransomware.”
It didn’t have to happen.
That’s the simple yet profound lesson from WannaCry’s ransomware rampage that has infected 300,000-plus systems in more than 150 countries, disrupting critical operations across industries, including healthcare, government, transportation and finance.
If vulnerable systems had been patched and maintained as part of a proactive and comprehensive system configuration and vulnerability management program, the attack would have been a dud, barely registering on anyone’s InfoSec radar.
“WannaCry was totally preventable with the proper patching and the proper build configurations,” Mark Butler, Qualys’ Chief Information Security Officer (CISO), said during a webcast this week. “That’s a reminder to all of us that you didn’t have to be a victim.”
There are various workarounds for mitigating the underlying WannaCry vulnerability, but those are stopgap measures. “The primary way to remediate this vulnerability is through disciplined and timely patching,” Qualys Product Management Director Jimmy Graham said during the webcast, titled “How to Rapidly Identify Assets at Risk to WannaCry Ransomware.”
In what may be the first public weaponizing of April’s Shadow Brokers dump of NSA exploits, a ransomware attack has crippled IT systems globally and disrupted operations at major organizations, including patient services at UK hospitals.
The SANS Institute recently released its 2017 report on cybersecurity trends. We examined the report’s six threat trends in a recent blog post, as well as in a webcast with the report’s author, security analyst John Pescatore, and with Qualys Product Management Vice President Chris Carlson. Now, we’re providing you with a useful checklist to help put you in a better position to respond these trends, which are expected to continue to dominate this year.
A major challenge for enterprise InfoSec teams is keeping their finger on the pulse of two constantly changing elements: external cyber threats and internal technology needs.
Staying a step ahead and proactively adjusting their organization’s security posture accordingly is a must in order to keep attack risks as low as possible. So what are the major shifts in threats and business technology use that CISOs and their staff face in 2017? And how should they respond to these changes?
You will find comprehensive answers to those and other critical InfoSec questions in a new SANS Institute whitepaper written by security analyst John Pescatore.
Considering that database systems hold extremely valuable and sensitive information, one would assume that most organizations would fiercely protect these “crown jewels” with great care. Unfortunately, that is not the case.
Throngs of databases in organizations worldwide are unsafe, at high risk of being breached by malicious hackers, rogue employees and crooked partners. This sorry state of database security puts financial data, customer information, health records, intellectual property treasures and more in grave danger.
Below we’ll discuss the two main causes for database security breakdowns — unpatched vulnerabilities and configuration errors — along with helpful tips for reducing the risk of database breaches.