With organizations across the globe bracing themselves for a second wave of ransomware attacks, the impact of Friday’s WannaCry attack is still being counted. With over 150 countries impacted, this attack has caused massive disruption for organisations including telecoms companies, car manufacturers and in the UK, the NHS has been significantly impacted with IT systems shut down and operations cancelled.
This attack quickly proliferated across IT systems through an identified vulnerability in Microsoft Windows. Microsoft said it had released a security update in March to address this, but many organizations were yet to run it(1). With IT teams working throughout the weekend to shore up their security and increase defences against further attacks, what can organizations do to stop ransomware and malware attacks from propagating across their IT systems?
- Shut down your vendor access method if you use VPNs and RDP: This may sound drastic and it is, but if you want to stay in control and secure you don’t really have a choice. With 100,000s of organisations infected by this ransomware attack, how can you ensure that your suppliers and outsourcers who have access to your network don’t pose a risk to your organization? Immediately shutting down insecure access paths into your IT infrastructure for third parties will prevent the propagation of any malware. Bomgar’s Privileged Access solution can get you back up and running with your suppliers within hours, but this time securely.
- Review policies and train employees regularly: With the source of the WannaCry ransomware attack suspected to be through a phishing attack, organizations need to ensure their employees are regularly trained to identify and report suspected phishing attempts. Bomgar’s recent Secure Access Threat Report found that 61% of respondents were concerned that administrative or privileged credentials will be phished from an employee and found that only half (54%) of organizations conduct annual training to keep insiders aware of security processes and, shockingly, only 53% include this training as part of induction for new employees.
- Manage and control privileged access to systems: Implementing a policy of least privilege and controlling and managing privileged access allows organizations to prevent any unauthorized access to IT systems. Bomgar’s secure access solutions, built on our secure platform, stop any unauthorized access attempts by breaking point to point access paths and allows you to define who has access to what and when.
- Quickly identify which systems need patches applying: Utilize tools such as canned scripts to allow IT teams to quickly see if systems are patched and up to date. Bomgar's canned scripts feature can help you identify if your systems are patched to known vulnerabilities with one click.
Doing nothing is not an option.