Don’t cry over data loss as a result of WannaCry if you could have prevented it

Security practitioners the world over should take a stern reality check after WannaCry ransomware hits the globe

The WannaCry ransomware cyber attack orchestrated over the weekend of the 12th of May should act as a stark reminder to companies that data backups need to be done regularly, that security solutions have to remain up to date and that user education is still a vital component of every security policy.

This is according to Andrew Potgieter, Security Solutions Director at Westcon-Comstor Southern Africa, who adds that even more unnerving is that “kits” to put together attacks of this nature are readily available for download on the Internet and doesn’t require a group of elite hactivists to run.

“Ransomware encrypts the data in your data centre (storage) or on personal devices and holds it ‘ransom’ until you pay the fee requested by the ‘data kidnapper’. What made the WannaCry attack so different is that it was done on a global scale, spreading to 150 countries, impacting over 10,000 organisations and 200,000 individuals – exploiting a security flaw in Windows XP,” states Potgieter.

Furthermore, he says that perhaps the most startling component of the attack is that so many companies were simply crippled. Highlighting that there is a real flaw in IT security policies, there are few organisations with effective “crisis situation” policies in place and that companies who simply fall back on two-dimensional, anti-intrusion detection and prevention methods will continue to fall victim.

Simply put, according to Westcon-Comstor vendor partner AlienVault, WannaCry is a ransomware variant that takes advantage of an exploit in the Windows operating system (MS17-010) that was released by a hacking organisation called Shadow Brokers in March.  The exploit and tools were allegedly part of a collection of spy tools used by the National Security Agency (NSA).

While Microsoft patched the vulnerability pretty quickly after the release, many clients have not run the updates needed to deploy the latest patch. Once an infected computer is put into action the malware spreads like a worm on your network, sniffing out other vulnerable machines to infect.

Regular backups and snapshots can help you recover files hidden behind ransomware, particularly if you can identify when the infections occurred, so you only work with backup copies before the infection. While you won’t be able to recover your files since the last backup, without paying the ransom, you can get at older files that are critical to business operation and continuity.

“Ransomware hides your data, but that data can be restored if regular backups are done in a business. Backups shouldn’t just be a business imperative, but a security one too, as all data needs to be continually and regularly scanned and cleaned of hidden malware. Updates might be a pain and slow your machine, but there are critical in a business, you simply have to run all updates as often as you can. It is the job of the IT department to ensure this happens.

“This is a huge wake up call for security practitioners, software developers and businesses alike. One small vulnerability can cripple your business. It is not just IoT and digital platforms that are affected it is all platforms. If businesses weren’t aware that they need to take security seriously, then this attack should surely change their minds,” ends Potgieter.

Comment on This Article

Your email address will not be published. Required fields are marked *

About Us

Westcon SA is a value-added distributor of category-leading unified communications, network infrastructure, data center and security solutions with a global network of specialty resellers. Our teams create unique programs and provide exceptional financial and technical support to accelerate the business of our partners

  • As a strong strategic partner, we offer superior account management backed by a dedicated team of responsive and reliable experts who are totally focused on your business
  • We offer the financial strength and breadth of global capabilities to manage your changing needs
  • We have a proven route to market for products and services from the vendor through to the end-user customer.

We accelerate our partner’s business by enabling and supporting them through a series of unique programs and capabilities.

  • Vendor Engagement
  • Accelerated Training
  • Business Consulting
  • Proof of Concept
  • Marketing Resources

 

Westcon Works

Westcon SA is the smartest choice to revolutionize your business! It doesn’t matter if you focus on enterprise or small to medium business opportunities, or if we are in an economic down-turn or in a bull market, a business partnership with Westcon SA will take your business to a whole new level.

At the core of our Westcon Works partnering model resides your sales cycles, and the associated challenges. It provides a common language, allowing us to address strategies for helping resellers be more effective and focus on what they do best, while together we define how Westcon SA can fill in the rest.

read more

Contact Us

Telephone: +27 11 848 9000

Email: info@westcon.co.za

Web: www.westcon.co.za

Address: Westcon Building, 1 Tugela Lane, Waterfall Logistics Precinct, Corner of Bridal Veil Road and K101, Jukskei View, Midrand

read more

People of Westcon

Guy Whitcroft, CEO

Uwe Brandkamp, Sales Director

Uwe Brandkamp, Sales Director

Robyn Newel, HR

Robyn Newel, HR Director

Bridget Nkuna, Marketing Director

Elmien du Toit, Special Projects – Compliance

Elmien du Toit, COO

Andries Coetzee, CFO

Andries Coetzee, CFO

Tiens Lange, Communications

Tiens de Lange, Unified Communications and Collaboration

Heinz Stephan, Consumer Solutions

Heinz Stephan, Services

Kevin Norton, Mobility

Kevin Norton, Mobility

Andrew Potgieter, Security – Data

Andrew Potgieter, Security

Leane Hannigan, Cloud

Louise Taute, Comstor

Jaco Malan, Academy

read more