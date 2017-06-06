Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Home » Security »

Basic security hygiene blocked WannaCry – but a comprehensive defence needs more

David Braue | June 6, 2017
High-profile breaches grab headlines but there are much bigger threats to deal with.

man with arrow

 

It may have sent European businesses scrambling and the security community abuzz, but the WannaCry ransomware attack's fizzling in the United States and Australia means its legacy will be mostly as a cautionary tale - and, one security expert warns, a potential distraction from more important security issues.

The world may have braced for a global epidemic of new ransomware infections once news of WannaCry's Saturday assault on the UK National Health Service spread, but by the time the week began "we just didn't see quite what we were expecting," says Bill Smith, senior vice president of worldwide field operations with security firm LogRhythm.

"We were expecting a big flareup when everyone logged in on Monday morning, but we really didn't," Smith said. "There really wasn't anything unusual about WannaCry - it was run-of-the-mill, commodity ransomware - but what was unique was its ability to propagate itself, which we hadn't seen to that extent before."

Accurate estimates of the damage to Australia vary, but an officially published figure of 12 afflicted companies confirmed that the ransomware had failed to make as big of an impact in this country. This was lucky, given that recent figures from Flexera Software's latest Australia Country Report reported a strong rise in the number of Australian PC users with unpatched operating systems since the end of 2016. It also suggests that many companies may be following government advice by adopting the Australian Signals Directorate's Essential Eight mitigation strategies, which the Australian Cyber Security Centre (ACSC) noted would have protected organisations from WannaCry.

Yet as other attacks emerge based on the same EternalBlue vulnerability that WannaCry exploited, unpatched systems will once again face compromise and businesses will once again be scrambling to protect themselves. It's a surefire sign that conventional defences can only go so far in protecting against novel attacks - and that patching remains a cat-and-mouse game as new vulnerabilities are continually discovered.

"We have to be careful of creating a false sense of security that if we patch our systems everything is OK," Smith warned. "The vast majority of security budget is still spent on prevention methodologies, but the dirty little secret of security breaches is that most of them involve compromised credentials. And it doesn't matter if you patch your system, if attackers have your username and password."

Indeed, Verizon's latest Data Breach Investigations Report (DBIR) 2017 found that fully 81 percent of hacking-related breaches leveraged stolen and/or weak passwords - meaning that intruders were able to compromise networks not through stealthy exploits like EternalBlue, but by simply walking in the front door of the network.

 

1  2  3  Next Page 

Sign up for Computerworld eNewsletters.

FEATURED RESOURCES

The art of maintaining business buy-in

How and why to hire a CISO

Legacy processes are holding back your digital business

CIOs key to bridging the IT/OT divide

Asian organisations need to do more to reduce insider threats

Nomura Securities uses AI analytics to improve data quality

CHARLES & KEITH leverages CyberSource suite to manage online store payments

Newstead to distribute service robots targeted at retailers in Singapore

MDEC exclusive: Looking for the X factor behind Malaysia's Digital Hub strategy

DHL uses IoT to improve workplace safety for warehouse employees in Singapore

How Mastercard is helping Malaysia's Cyberjaya become a global tech hub

Malaysia's iflix spreads net to Africa

Handling cloud security still keeps CIOs up at night

Malaysia's Cyberjaya at 'tipping point,’ now eyes global tech hub goal

MDEC exclusive: Looking for the X factor behind Malaysia's Digital Hub strategy