The WannaCry ransomware attack represents one of the most severe malware attacks of the year so far, and one that has shifted the tides in the cybersecurity market. Prior to this attack, some of the world’s most sophisticated cyber tools remained in the hands of governments, but now this information has gone from the intelligence agencies to the streets, permitting your average cybercriminal to take down huge amounts of infrastructure without much effort.
WannaCry initially hit on May 12, blocking access to files for a slew of organizations until a ransom was paid. Throughout the following weekend, the attack spread to at least 16 hospitals in the United Kingdom, a telecom company in Spain, the Russian government, trains in Frankfurt and federal agencies in China, to name a few. Initially affecting an estimated 57,000 computers, the damaging malware eventually surged to more than 230,000 impacted systems across more than 150 countries.
How did this ransomware get so potent? It was based off of information stolen from the National Security Administration, which had created “EternalBlue,” an intelligence gathering cyber weapon that exploited a Windows Server Message Block protocol.
Luckily, this wave of WannaCry ransomware had a built-in kill switch that helped minimize some of the damage. Major government entities that were hit, like China’s National Petroleum Corp., were back up and running with systems restored by Tuesday. A more robust operation executed by sophisticated actors could have had far wider and more damaging scope.
What does this mean for businesses going forward, now that we live in a post-WannaCry world? First, it’s never safe to assume that a cyber incident of this scale won’t affect your business. You need to be prepared because the next ransomware attack is right around the corner, as evidenced by NotPetya on the heels of WannaCry.
Second, whether you’re a small business or a large enterprise, you must take important steps to improve your overall cyber health and manage risk — after all, a simple Windows XP patch would have stopped the spread of WannaCry. This includes regular scanning and patching of vulnerabilities, improving user education to avoid phishing and other social engineering threats, using strong passwords, and more. After all, we now live in an interconnected world, and with the rise of high-profile cyber threats, that comes at a price.
Third, you must prioritize your IT security budget for 2018. This is an investment that must be made — whether it’s hiring more security specialists or outsourcing your security needs to a third party. Any upfront investment in cybersecurity technology pales in comparison to the hit businesses could take if they are affected by malware. WannaCry cost a total estimated $4 billion, and cyberbreaches cost small businesses about $100,000 in lost revenue due to downtime. Now that the world has seen a true ransomware worm that doesn’t discriminate by industry or information, every organization needs to have a breach response plan about how it would face similar attacks and put security spending at the top of the budget for the New Year.
Finally, enterprises need to prepare for the inevitable and take cyber insurance more seriously. Businesses won’t always be able to recover their lost data after a sophisticated cyber event, like some eventually could after WannaCry. A ransomware attack could come at an insurmountable cost that risks a company losing not only its customers’ trust but the data that keeps its business running.
At Merritt Group, we’ve had our fingers on the pulse of the cybersecurity industry for nearly 20 years. In a post-WannaCry world, one thing is clear: There is no silver bullet technology for total cybersecurity, so it’s critical that we activate all members of the community to help fight this battle against bad cyber actors. From boardrooms to Congress to security researchers, global alliances and more — we all need to get involved. To prepare for the next wave of global cyber attacks like WannaCry, collaboration will be key.
Want more information on how to position your cybersecurity company in the market? Contact Merritt Group today at firstname.lastname@example.org to get our expert opinion on PR cybersecurity.