After Wanna-Cry how do we stop the next threat

By Prempal Singh 0 Comment June 9, 2017  kaspersky, kaspersky wannacry, mcafree wannacry, microsoft, microsoft patch wannacry, microsoft wannacry, ms17-010, ransomware wannacry, ransomwrae wannacry virus, symantec wannacry, virus wanancry 2.0, wanna cry, wannacry Bnpyc, wannacry mac, wannacry malware, wannacry patch, wannacry ransomware, wannacry windows 10, wannacry windows 7, wannacrypt windows update, windows update wannacry

It’s almost a month since the WannaCry ransomware problems crippled businesses and authorities in more than 150 countries.

Though the assault was short-lived with a “kill switch” quickly recognized, the disruption sent a clear message, As bad actors become more powerful and bold in their problems, organizations must step up their game to stay safe online.

WannaCry creates more disruption than we have seen in quite a while since it put together next-generation threats and weaknesses with automation. This kind of problems – and ones targeted at specific industries – should be expected in the future.

While DXC and other experts have suggested that this risk style would be common in 2017, organizations have a tendency to maintain various levels of preparedness. Patching routines need to be analyzed. Network traffic needs to be inspected more. Backup routines need to be strengthened, and systems that are almost standalone should be included in IT inventory monitoring.

Dealing with these new threats requires us to look well beyond typical mechanisms to protect, discover and react. At DXC, we are using big data and analytics to find flaws before they advance to bigger issues, something that can work on a WannaCry-like attack that has code for built-in testing whether the user wants to run it or not. Extending this approach by using security mechanisms such as honeypots and black gaps could also help.

In the end what’s needed are smaller attack domains. This can be accomplished by categorized and separate network activity. Also, by integrating with vendors early in the process of vulnerability identity, organizations can improve their security posture. A few of this is already underway, and having a partner environment that links engineering groups is important.

In the future, I see Artificial intelligence and robotics supporting the main cause. These tools will draw on the mixed power of (anonymized) data from multiple organizations. This kind of type of collaboration and sharing of best methods will be essential to the fight.

As digital transformation continues across organizations, enabling seamless, instant online connectivity between people, applications, devices and things, security must remain top of mind. As organizations carry on and spend in proven security solutions and grow their security awareness, our information resources have a fighting chance.

Take this self-assessment to see if your corporation is looking forward to the next attack.

Source: blogs.dxc.technology