Receive the latest mybusiness news
Copyright © 2020 MOMENTUMMEDIA

Lessons go unlearned a year after WannaCry attack

Adam Zuchetti
Adam Zuchetti
14 May 2018 1 minute readShare
Hacker, cybercrime

On the anniversary of the devastating WannaCry ransomware attack, businesses are being warned that complacency is the easiest and most effective means of having your data hacked.

Rob Greer, chief product officer and senior vice president of network security firm ForeScout, said that despite the estimated $8 billion in damages globally resulting from the WannaCry attack, many businesses are still not taking the most basic means of securing their data.

“This massive attack targeted hundreds of thousands of users in close to 150 countries, locking up computers from car factories and hospitals to retail shops and schools. The lesson from the WannaCry attack was simple – keep your system patches up to date,” said Mr Greer.

“However, even one year later, many organisations still don’t regularly patch their systems or even know where their endpoint and devices are.”

He suggested that some businesses lack policies on when their systems are updated and who is responsible for doing so, while others are concerned about operational impacts of software updates.

“Many businesses use expensive operational technology devices that rely on custom software built on older versions of the Windows operating system,” Mr Greer said.

Nevertheless, Mr Greer cautioned against ignoring important security patches, likening unpatched systems to “Swiss cheese”.

“While a properly patched system may not be impervious to attack, proper IT hygiene can stop many bad actors dead in their tracks,” he said.

“If the systems cannot be patched for operational reasons, the best means of protecting them is to place them in separate network segments.”

According to the Telstra Security Report, around half of businesses to have fallen victim to ransomware have coughed up the ransom in the hope of retrieving their data, despite there being no guarantee that paying up will deliver the desired outcome.

Yet the financial cost is only one aspect, given the additional compliance burden of mandatory reporting of data breaches now that the Notifiable Data Breaches Scheme is in effect.

Lessons go unlearned a year after WannaCry attack
mybusiness logo
Adam Zuchetti
Adam Zuchetti

Adam Zuchetti is the former editor of MyBusiness and a senior freelance media professional, specialising in the fields of business, personal finance and property. In 2020, he also embarked on his own business journey – inspired in part by the entrepreneurs and founders he had met through his journalistic work – with the launch of customised pet gifting and subscription service Paws N’ All.

Leave a Comment

Latest poll

How satisfied are you with the SME measures in the federal budget?