Industry Reactions to
WannaCry Ransomware Attacks
Source: http://www.securityweek.com/industry-reactions-wannacry-ransomware-attacks
Banks, hospitals, manufacturing plants, ISPs, government agencies, transportation companies
200,000 devices infected worldwide
The WannaCry ransomware, also known as Wanna Decryptor,
WanaCrypt0r, WannaCrypt, Wana Decrypt0r and WCry, has
infected more than 200,000 devices worldwide.
WannaCry Ransomware
Attackers earned more than $50,000 in just a few days
Leaked NSA Exploit - Spreading WannaCry Worldwide
The attacks involved exploits dubbed EternalBlue and DoublePulsar, both leaked recently by
a hacker group calling itself Shadow Brokers. The exploits were allegedly used by a threat
actor called the Equation Group, which has been linked to the NSA.
This leverages an SMB vulnerability in outdated Windows PCs.
The Shadow Brokers released the EternalBlue exploit.
EternalBlue exploit present. WannaCry succeeds.
Industry professionals shared thoughts on the WannaCry attacks,
including the ICS, insurance, legal, cybersecurity strategy, attribution
and other aspects of the story.
And the feedback begins…
At the risk of sounding overly paranoid, I find it hard to believe that someone would orchestrate a global coordinated attack
like this just to earn 50 thousand dollars. Security guru Bruce Schneier recently wrote that Russia and other nation-states
often commit cyber-actions just for bragging purposes. For me, it's completely tenable that WannaCry is simply the Russians
bragging they're already so deep into our critical infrastructure that we can't do anything about it.
Either way, it's worth noting that many of the SCADA applications embedded in our electrical grid and manufacturing plants
were developed years ago and are tethered to older versions of Windows -- so the fix isn't going to be easy.
In the meantime, we should treat this attack as a persistent threat and continuously monitor both IT and OT networks for
unusual activity. After all, how do we know that the same vulnerabilities haven't already been well-exploited for
cyber-reconnaissance and cyber-espionage purposes? Or, that this isn't just the first phase of a more elaborate targeted campaign
with the goal of causing massive disruption to our critical infrastructure and our economies?
Phil Neray
VP of Industrial Cybersecurity, CyberX
@rdecker99
Based on IBM X-Force analysis of over 500M spam e-mails, it seems likely the initial victims of the WannaCry ransomware did
not get infected by opening a malicious e-mail or attachments. This means that criminals might have compromised systems
by other means. This makes finding “patient zero” even more critical in the investigation. IBM X-Force is actively working with
clients and law enforcement to track down this data.
Since Asia and Europe have come online today we’ve seen a modest increase in the amount of victims paying the ransom. So
far, cybercriminals have pulled in $54,877.46 which continues to grow at ~1 BTC per hour.
Given the widespread propagation of the WannaCry ransomware in Eastern Europe and Asia, our research team suggests
that these regions may be using older Microsoft software that is unsupported or pirated.
Wendi Whitmore
Global Lead, IBM X-Force IRIS
@wendiwhitmore
The ransomware attack raises the possibility that victims will face regulatory enforcement actions and civil litigation in the
U.S. and elsewhere. Indeed, last fall the former Chairwoman of the Federal Trade Commission (“FTC”) warned U.S.
businesses, in the context of addressing ransomware, that a company’s “unreasonable” failure to patch vulnerabilities might
be cause for an enforcement action under the FTC Act. Further, the possibility of harm to consumers – particularly those who
are potentially harmed by the loss of sensitive medical or financial data – raises the possibility of costly class action litigation
against companies that are the victims of ransomware attacks.
Joe Facciponti
Attorney with Cadwalader, Wickersham & Taft
@Cadwalader
Watching this story continue to unravel has truly highlighted the need for cyber insurance. Any company can experience a
vulnerability no matter how prepared they think they are. While ransomware can result in a company paying small, very
random amounts, business interruption can be much more significant and can potentially cost millions.
There will always be a vulnerability that can’t be controlled and from an insurance standpoint, this is validation for the
industry. In addition to having companies properly train their employees and ensure that they are up to speed on the
importance of updating software patches in a consistent routine and have backup plans in place, it pays to have cyber
insurance. Cybersecurity breaches are a reality every business must think about and having a whole team dedicated to
helping you when something like this happens - from breach coaches and responders to forensic investigators - it's the best
way to mitigate damages. We're continuing to learn from attacks like these by researching and working with industry experts
to better understand the best ways to mitigate losses for our clients.
Bill Kelly
Senior Vice President, E&O Underwriting, Argo Group
@argo_group
I applaud Microsoft for making the bold move to patch older, unsupported operating systems. They are under no obligation
to do so and the organizations that did not upgrade their systems despite Microsoft’s statements that the OSes were moving
to an unsupported state must accept the risk and responsibility for their decision. I liken it to this: when was the last time you
took your eight-year-old car in for service and the repair shop said, “Don’t worry. I’ll just find that part which is no longer
being produced and have it here in twelve hours for you…free of charge.” That’s what Microsoft did.
Will Microsoft’s release of a patch encourage organizations NOT to upgrade older systems? Probably. But what a shame that
will be. If they don’t, they will be hacked again. And again. And again.
I applaud Microsoft’s desire to have a Digital Geneva Convention but at the same time, feel it’s a bit naïve. Attacking a civilian
or a hospital with a grenade is far easier to spot and track than cyber weapons. And honestly, do we expect hackers, people
who are behind these dreadful attacks, to adhere to some ethical set of guidelines? I think not.
Jackson Shaw
Senior director of product management at One Identity
@JacksonShaw
The first response to this threat is to make sure all Windows-based machines are patched - this is a standard best practice.
However, in industrial environments not all systems can be patched, since some support continuous operations that must
operate 24X7. Such systems can't be restarted, for example. There are also concerns around system availability and stability
associated with deploying security patches.
Meanwhile, non-Windows based systems in industrial networks are also exposed to cyber threats and are much more
difficult to protect. This includes the critical automation controllers (PLCs, RTUs and DCS controllers) that can't be easily
patched, or don't have patches available. To make matters worse, due to the lack of encryption and access controls in
industrial networks, attackers do not need to exploit vulnerabilities in order to compromise these critical control devices and
shut down operations.
Barak Perelman
CEO, Indegy
@BarakPerelman
Historically, general purpose, run-of-the-mill malware that leverages SMB and NetBIOS interfaces in the industrial
environment is particularly troublesome, with many systems remaining infected many years later.
With the WannaCry/WanaCrypt ransomware in the wild, crossing into industrial control systems would be particularly
devastating. Systems requiring real-time interfacing and control influence over physical assets could face safety/critical
shutdown, or worse. When thinking about critical services to modern society (power, water, wastewater, etc.), there is a real
potential, potentially for the first time ever, where critical services could be suspended due to ransomware. It may be time to
rethink critical infrastructure cybersecurity engineering, because if MS17-010 exploiting malware variants are successful, we
are clearly doing something wrong.
Brad Hegrat
Director of Advisory Services, IOActive
@IOActive
The spread of the attack was brought to a sudden halt when one UK cybersecurity researcher found and inadvertently
activated a “kill switch” in the malicious software. It turns out that the virus was coded to check to see if an obscure website
address was registered and live and to halt if this was the case. It was effectively a kill switch. This however can easily be
overcome in a modified release which is what has already happened. Yes, this has indeed slowed the initial attack but this is
only the first wave of such wormable ransomware attacks.
Finally, the warnings that security experts have been sounding for years have finally come to the attention of the public - that
is that more money needs to be spent on cybersecurity and that organizations need to run modern patched operating
systems and educate their staff in safe computing and of course to simply back up. Regular off premises (or non-network
attached) backups would have prevented this modern nightmare.
Kevin Curran
IEEE Senior Member and
Cybersecurity Professor at Ulster University
@profkevincurran
Most effective malware has the ability to adapt and use a number of exploits to infect and propagate. We are witnessing a
jackpot or perfect storm combination that has allowed this attack to be so effective so quickly. It reminds me of incidents like
Conficker, where all the right exploits came together to create the Mona Lisa of cyber attacks.
One tweet criticized Edward Snowden and called out the NSA for not privately disclosing the SMBv1 exploit when they first
discovered it. While I do not condone agencies for discovering exploits and keeping them quiet, which puts us at long term
risk, this vulnerability had the potential to contribute just as badly to an attack of this magnitude, regardless. Think about it:
whether the vulnerability was disclosed a year ago or just recently, a knowledgeable attacker would have taken advantage of
the vulnerability. This update, regardless of when it was released, made a change in the handling of SMB traffic which could
cause significant issues when rolling out an update.
Chris Goettl
Product manager at Ivanti
@ChrisGoettl
“Due to compliance regulations, such as HIPAA, healthcare network admins cannot easily update Internet connected medical
devices with the newest operating systems and patches. These devices are sealed to protect the equipment from failure in
the event a software update inadvertently affects the operation of the device. While this ultimately protects patients from
potential harm from a malfunctioning device, it has the potential to leave the network open to attackers who are finding new
ways to exploit old vulnerabilities, such as the recent WannaCry attack. If these devices aren’t updated by the manufacturers
immediately, they will continue to be susceptible to these types of attacks.
To better protect hospital networks that are using Internet connected medical devices, we recommend reviewing and
beefing up backup processes. It becomes essential to have an offsite backup on a daily basis. More important is a robust,
tested, disaster recovery process that ensures core IT systems can be brought back up in a few hours.
Most hospitals have backup in place to support compliance, of course, but really cannot restore key applications
and recover operations fast enough in the face of a ransomware attack. When an environment faces a true disaster, even a
well-planned disaster recovery strategy will typically take days until full operations are restored. Do the work to make sure
this takes only a few hours.”
Moshe Ben-Simon
Co-founder & VP services at Trapx
@TrapXSecurity
This is a blast from the past as this kind of ransomware isn’t anything new. For far too long, organizations have been ignoring
basic firewall hygiene which is why WannaCry has gotten out of hand so easily.
This is not the worst-case scenario. The silver lining is that this wasn’t a destructive terrorist or nation state attack. Because
it was profit-driven, it was designed to be undone upon payment and therefore there may be a chance to recover. However,
this is a huge proof of concept for nation state actors that want to do something that might not be recoverable.
Sean Sullivan
Security advisor at F-Secure
@5ean5ullivan
Within a company, security and data protection are not just the job of your CISO and CPO. It's everyone’s responsibility every
day. Your employees may not be responsible for updating their corporate laptops and company issued devices, but if they're
connecting to your corporate networks with personal devices, or home computers, they must be responsibly applying
patches and updates to their own systems. Good cyber hygiene requires that you patch and update your operating systems
regularly and as often as necessary. Operating systems that were properly patched were protected from this vulnerability by
default.
Going forward you must implement continuous and ongoing education of your employees. This education cannot be a once a
year training course, but rather it must be pervasive throughout the culture of your organization. Because in the absence of
security education or experience, people (employees, users, and customers) naturally make poor security decisions with
technology. This means that systems need to be easy to use securely and difficult to use insecurely. Your security and data
protection education program should include information about the importance of patching your operating systems and the
direct tie of “unpatched systems” to vulnerabilities.
Dana Simberkoff
Chief compliance and risk officer at AvePoint
@danalouise
"This incident exposes how a two-month old vulnerability can cause global panic and paralyze the largest companies and
governmental institutions on all continents. Worse, cybercriminals could have easily released this worm just after the NSA's
0day was leaked two months ago, and this would have led to much more destructive consequences.
It would be unreasonable and inappropriate to blame the NSA for any significant contribution to this attack. Similar 0days are
bought and sold almost every day, and many other organizations participate in these auctions - virtually anyone can
(un)intentionally leak an exploit and cause similar damage. The real problem is that in 2017, the largest companies and
governments still fail to patch publicly disclosed flaws for months. Practically speaking, the NSA doesn't really need a 0day to
get their data - their negligence "invite" attackers to get in. Companies and organizations that have fallen victim to this attack,
can consider contacting their legal departments to evaluate whether their IT contractors can be held liable for negligence and
breach of duty. Failure to update production systems for over two months - can certainly qualify at least as carelessness in
many jurisdictions."
Ilia Kolochenko
CEO of High-Tech Bridge
@htbridge
Ransomware is following the same trajectory as phishing. The criminals have worked out how to monetize the crime, and
they know which types of businesses are likely to pay up -- and how to collect the money without being caught.
It appears that the NSA breach has accelerated the process. Instead of having to develop their own zero-day attacks, the
criminals have used an arsenal developed by experts at developing cyber-weapons.
The U.S. government clearly had its priorities wrong. Whether or not you think the U.S. government should be spending a
fortune developing such cyber-weapons, surely it is obvious that the weapons they develop should be properly secured. If
someone had lost a nuclear weapon, heads would have rolled. The CIA and NSA have been breached on a massive scale, and
now the effects are being felt. What is going to be done to stop further leaks?
Phillip Hallam-Baker
Principal scientist, Comodo
@comododesktop

Chandigarh Escorts, 😋9988299661 😋50% off at Escort Service in ChandigarhSheetaleventcompany
 
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real MeetCall Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meetpriyashah722354
 
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...Sheetaleventcompany
 
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...Niamh verma
 
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real MeetSambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real MeetCall Girls Service
 
Udaipur Call Girls 📲 9999965857 Call Girl in Udaipur
Udaipur Call Girls 📲 9999965857 Call Girl in UdaipurUdaipur Call Girls 📲 9999965857 Call Girl in Udaipur
Udaipur Call Girls 📲 9999965857 Call Girl in Udaipurseemahedar019
 
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...Sheetaleventcompany
 
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Thane Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Jaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthan
Jaipur Call Girls 9257276172 Call Girl in Jaipur RajasthanJaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthan
Jaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthanindiancallgirl4rent
 
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking Models
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking ModelsDehradun Call Girls Service 08854095900 Real Russian Girls Looking Models
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking Modelsindiancallgirl4rent
 
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real MeetChandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meetpriyashah722354
 

Recently uploaded (20)

VIP Call Girls Sector 67 Gurgaon Just Call Me 9711199012
VIP Call Girls Sector 67 Gurgaon Just Call Me 9711199012VIP Call Girls Sector 67 Gurgaon Just Call Me 9711199012
VIP Call Girls Sector 67 Gurgaon Just Call Me 9711199012
 
VIP Call Girls Noida Sia 9711199171 High Class Call Girl Near Me
VIP Call Girls Noida Sia 9711199171 High Class Call Girl Near MeVIP Call Girls Noida Sia 9711199171 High Class Call Girl Near Me
VIP Call Girls Noida Sia 9711199171 High Class Call Girl Near Me
 
❤️♀️@ Jaipur Call Girls ❤️♀️@ Jaispreet Call Girl Services in Jaipur QRYPCF ...
❤️♀️@ Jaipur Call Girls ❤️♀️@ Jaispreet Call Girl Services in Jaipur QRYPCF  ...❤️♀️@ Jaipur Call Girls ❤️♀️@ Jaispreet Call Girl Services in Jaipur QRYPCF  ...
❤️♀️@ Jaipur Call Girls ❤️♀️@ Jaispreet Call Girl Services in Jaipur QRYPCF ...
 
raisen Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
raisen Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meetraisen Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
raisen Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
 
Call Girl Raipur 📲 9999965857 whatsapp live cam sex service available
Call Girl Raipur 📲 9999965857 whatsapp live cam sex service availableCall Girl Raipur 📲 9999965857 whatsapp live cam sex service available
Call Girl Raipur 📲 9999965857 whatsapp live cam sex service available
 
Ozhukarai Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Ozhukarai Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real MeetOzhukarai Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Ozhukarai Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
 
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
 
❤️♀️@ Jaipur Call Girls ❤️♀️@ Meghna Jaipur Call Girls Number CRTHNR Call G...
❤️♀️@ Jaipur Call Girls ❤️♀️@ Meghna Jaipur Call Girls Number CRTHNR   Call G...❤️♀️@ Jaipur Call Girls ❤️♀️@ Meghna Jaipur Call Girls Number CRTHNR   Call G...
❤️♀️@ Jaipur Call Girls ❤️♀️@ Meghna Jaipur Call Girls Number CRTHNR Call G...
 
❤️Call girls in Jalandhar ☎️9876848877☎️ Call Girl service in Jalandhar☎️ Jal...
❤️Call girls in Jalandhar ☎️9876848877☎️ Call Girl service in Jalandhar☎️ Jal...❤️Call girls in Jalandhar ☎️9876848877☎️ Call Girl service in Jalandhar☎️ Jal...
❤️Call girls in Jalandhar ☎️9876848877☎️ Call Girl service in Jalandhar☎️ Jal...
 
Chandigarh Escorts, 😋9988299661 😋50% off at Escort Service in Chandigarh
Chandigarh Escorts, 😋9988299661 😋50% off at Escort Service in ChandigarhChandigarh Escorts, 😋9988299661 😋50% off at Escort Service in Chandigarh
Chandigarh Escorts, 😋9988299661 😋50% off at Escort Service in Chandigarh
 
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real MeetCall Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Call Girls Chandigarh 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
 
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...
Punjab❤️Call girls in Mohali ☎️7435815124☎️ Call Girl service in Mohali☎️ Moh...
 
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...
Call Girls Service Chandigarh Gori WhatsApp ❤7710465962 VIP Call Girls Chandi...
 
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real MeetSambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
Sambalpur Call Girls 👙 6297143586 👙 Genuine WhatsApp Number for Real Meet
 
Udaipur Call Girls 📲 9999965857 Call Girl in Udaipur
Udaipur Call Girls 📲 9999965857 Call Girl in UdaipurUdaipur Call Girls 📲 9999965857 Call Girl in Udaipur
Udaipur Call Girls 📲 9999965857 Call Girl in Udaipur
 
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...
Call Girl In Zirakpur ❤️♀️@ 9988299661 Zirakpur Call Girls Near Me ❤️♀️@ Sexy...
 
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Thane Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Thane Just Call 9907093804 Top Class Call Girl Service Available
 
Jaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthan
Jaipur Call Girls 9257276172 Call Girl in Jaipur RajasthanJaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthan
Jaipur Call Girls 9257276172 Call Girl in Jaipur Rajasthan
 
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking Models
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking ModelsDehradun Call Girls Service 08854095900 Real Russian Girls Looking Models
Dehradun Call Girls Service 08854095900 Real Russian Girls Looking Models
 
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real MeetChandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
Chandigarh Call Girls 👙 7001035870 👙 Genuine WhatsApp Number for Real Meet
 

Industry Reactions to WannaCry Ransomware Attacks

  • 1. Industry Reactions to WannaCry Ransomware Attacks Source: http://www.securityweek.com/industry-reactions-wannacry-ransomware-attacks
  • 2. Banks, hospitals, manufacturing plants, ISPs, government agencies, transportation companies: 200,000 devices infected worldwide. The WannaCry ransomware, also known as Wanna Decryptor, WanaCrypt0r, WannaCrypt, Wana Decrypt0r and WCry, has infected more than 200,000 devices worldwide. Attackers earned more than $50,000 in just a few days.
  • 3. Leaked NSA Exploit: Spreading WannaCry Worldwide. The attacks involved exploits dubbed EternalBlue and DoublePulsar, both leaked recently by a hacker group calling itself Shadow Brokers. The exploits were allegedly used by a threat actor called the Equation Group, which has been linked to the NSA. This leverages SMB vulnerability in outdated Windows PC. The Shadow Brokers released EternalBlue exploit. EternalBlue exploit present. WannaCry succeeds.
  • 4. Industry professionals shared thoughts on the WannaCry attacks, including the ICS, insurance, legal, cybersecurity strategy, attribution and other aspects of the story. And the feedback begins…
  • 5. “At the risk of sounding overly paranoid, I find it hard to believe that someone would orchestrate a global coordinated attack like this just to earn 50 thousand dollars. Security guru Bruce Schneier recently wrote that Russia and other nation-states often commit cyber-actions just for bragging purposes. For me, it's completely tenable that WannaCry is simply the Russians bragging they're already so deep into our critical infrastructure that we can't do anything about it. Either way, it's worth noting that many of the SCADA applications embedded in our electrical grid and manufacturing plants were developed years ago and are tethered to older versions of Windows -- so the fix isn't going to be easy. In the meantime, we should treat this attack as a persistent threat and continuously monitor both IT and OT networks for unusual activity. After all, how do we know that the same vulnerabilities haven't already been well-exploited for cyber-reconnaissance and cyber-espionage purposes? Or, that this isn't just the first phase of a more elaborate targeted campaign with the goal of causing massive disruption to our critical infrastructure and our economies?” Phil Neray, VP of Industrial Cybersecurity, CyberX - @rdecker99
  • 6. “Based on IBM X-Force analysis of over 500M spam e-mails, it seems likely the initial victims of the WannaCry ransomware did not get infected by opening a malicious e-mail or attachments. This means that criminals might have compromised systems by other means. This makes finding “patient zero” even more critical in the investigation. IBM X-Force is actively working with clients and law enforcement to track down this data. Since Asia and Europe have come online today we’ve seen a modest increase in the amount of victims paying the ransom. So far, cybercriminals have pulled in $54,877.46 which continues to grow at ~1 BTC per hour. Given the widespread propagation of the WannaCry ransomware in Eastern Europe and Asia, our research team suggests that these regions may be using older Microsoft software that is unsupported or pirated.” Wendi Whitmore, Global Lead, IBM X-Force IRIS - @wendiwhitmore
  • 7. “The ransomware attack raises the possibility that victims will face regulatory enforcement actions and civil litigation in the U.S. and elsewhere. Indeed, last fall the former Chairwoman of the Federal Trade Commission (“FTC”) warned U.S. businesses, in the context of addressing ransomware, that a company’s “unreasonable” failure to patch vulnerabilities might be cause for an enforcement action under the FTC Act. Further, the possibility of harm to consumers – particularly those who are potentially harmed by the loss of sensitive medical or financial data – raises the possibility of costly class action litigation against companies that are the victims of ransomware attacks.” Joe Facciponti, Attorney with Cadwalader, Wickersham & Taft @Cadwalader
  • 8. “Watching this story continue to unravel has truly highlighted the need for cyber insurance. Any company can experience a vulnerability no matter how prepared they think they are. While ransomware can result in a company paying small, very random amounts, business interruption can be much more significant and can potentially cost millions. There will always be a vulnerability that can’t be controlled and from an insurance standpoint, this is validation for the industry. In addition to having companies properly train their employees and ensure that they are up to speed on the importance of updating software patches in a consistent routine and have backup plans in place, it pays to have cyber insurance. Cybersecurity breaches are a reality every business must think about and having a whole team dedicated to helping you when something like this happens - from breach coaches and responders to forensic investigators - it's the best way to mitigate damages. We're continuing to learn from attacks like these by researching and working with industry experts to better understand the best ways to mitigate losses for our clients.” Bill Kelly, Senior Vice President, E&O Underwriting, Argo Group @argo_group
  • 9. “I applaud Microsoft for making the bold move to patch older, unsupported operating systems. They are under no obligation to do so and the organizations that did not upgrade their systems despite Microsoft’s statements that the OSes were moving to an unsupported state must accept the risk and responsibility for their decision. I liken it to this: when was the last time you took your eight year old car in for service and the repair shop said, “Don’t worry. I’ll just find that part which is no longer being produced and have it here in twelve hours for you…free of charge.” That’s what Microsoft did. Will Microsoft’s release of a patch encourage organizations NOT to upgrade older systems? Probably. But what a shame that will be. If they don’t, they will be hacked again. And again. And again. I applaud Microsoft’s desire to have a Digital Geneva Convention but at the same time, feel it’s a bit naïve. Attacking a civilian or a hospital with a grenade is far easier to spot and track than cyber weapons. And honestly, do we expect hackers, people who are behind these dreadful attacks, to adhere to some ethical set of guidelines? I think not.” Jackson Shaw, Senior director of product management at One Identity @JacksonShaw
  • 10. “The first response to this threat is to make sure all Windows-based machines are patched - this is a standard best practice. However, in industrial environments not all systems can be patched, since some support continuous operations that must operate 24X7. Such systems can't be restarted for example. There are also concerns around system availability and stability associated with deploying security patches. Meanwhile, non-Windows based systems in industrial networks are also exposed to cyber threats and are much more difficult to protect. This includes the critical automation controllers (PLCs, RTUs and DCS controllers) that can't be easily patched, or don't have patches available. To make matters worse, due to the lack of encryption and access controls in industrial networks, attackers do not need to exploit vulnerabilities in order to compromise these critical control devices and shut down operations.” Barak Perelman, CEO, Indegy @BarakPerelman
  • 11. “Historically, general purpose, run of the mill malware that leverages SMB and NetBIOS interfaces in the industrial environment is particularly troublesome, with many systems remaining infected many years later. With the WannaCry/WanaCrypt ransomware in the wild, crossing into industrial control systems would be particularly devastating. Systems requiring real-time interfacing and control influence over physical assets could face safety/critical shutdown, or worse. When thinking about critical services to modern society (power, water, wastewater, etc.), there is a real potential, potentially for the first time ever, where critical services could be suspended due to ransomware. It may be time to rethink critical infrastructure cybersecurity engineering, because if MS17-010 exploiting malware variants are successful, we are clearly doing something wrong.” Brad Hegrat, Director of Advisory Services, IOActive @IOActive
  • 12. “The spread of the attack was brought to a sudden halt when one UK cybersecurity researcher found and inadvertently activated a “kill switch” in the malicious software. It turns out that the virus was coded to check to see if an obscure website address was registered and live and to halt if this was the case. It was effectively a kill switch. This however can easily be overcome in a modified release which is what has already happened. Yes, this has indeed slowed the initial attack but this is only the first wave of such wormable ransomware attacks. Finally, the warnings that security experts have been sounding for years have finally come to the attention of the public - that is that more money needs to be spent on cybersecurity and that organizations need to run modern patched operating systems and educate their staff in safe computing and of course to simply back up. Regular off premises (or non-network attached) backups would have prevented this modern nightmare.” Kevin Curran, IEEE Senior Member and Cybersecurity Professor at Ulster University @profkevincurran
  • 13. “Most effective malware has the ability to adapt and use a number of exploits to infect and propagate. We are witnessing a jackpot or perfect storm combination that has allowed this attack to be so effective so quickly. It reminds me of incidents like Conficker, where all the right exploits came together to create the Mona Lisa of cyber attacks. One tweet criticized Edward Snowden and called out the NSA for not privately disclosing the SMBv1 exploit when they first discovered it. While I do not condone agencies for discovering exploits and keeping them quiet, which puts us at long term risk, this vulnerability had the potential to contribute just as badly to an attack of this magnitude, regardless. Think about it: whether the vulnerability was disclosed a year ago or just recently, a knowledgeable attacker would have taken advantage of the vulnerability. This update, regardless of when it was released, made a change in the handling of SMB traffic which could cause significant issues when rolling out an update.” Chris Goettl, Product manager at Ivanti @ChrisGoettl
  • 14. “Due to compliance regulations, such as HIPAA, healthcare network admins cannot easily update Internet connected medical devices with the newest operating systems and patches. These devices are sealed to protect the equipment from failure in the event a software update inadvertently affects the operation of the device. While this ultimately protects patients from potential harm from a malfunctioning device, it has the potential to leave the network open to attackers who are finding new ways to exploit old vulnerabilities, such as the recent WannaCry attack. If these devices aren’t updated by the manufacturers immediately, they will continue to be susceptible to these types of attacks. To better protect hospital networks that are using Internet connected medical devices, we recommend reviewing and beefing up backup processes. It becomes essential to have an offsite backup on a daily basis. More important is a robust, tested, disaster recovery process that ensures core IT systems can be brought back up in a few hours. Most hospitals have backup in place to support compliance, of course, but really cannot restore key applications and recover operations fast enough in the face of a ransomware attack. When an environment faces a true disaster, even a well-planned disaster recovery strategy will typically take days until full operations are restored. Do the work to make sure this takes only a few hours.” Moshe Ben-Simon, Co-founder & VP services at Trapx @TrapXSecurity
  • 15. “This is a blast from the past as this kind of ransomware isn’t anything new. For far too long, organizations have been ignoring basic firewall hygiene which is why WannaCry has gotten out of hand so easily. This is not the worst-case scenario. The silver lining is that this wasn’t a destructive terrorist or nation state attack. Because it was profit-driven, it was designed to be undone upon payment and therefore there may be a chance to recover. However, this is a huge proof of concept for nation state actors that want to do something that might not be recoverable.” Sean Sullivan, Security advisor at F-Secure @5ean5ullivan
  • 16. “Within a company, security and data protection are not just the job of your CISO and CPO. It's everyone’s responsibility every day. Your employees may not be responsible for updating their corporate laptops and company issued devices, but if they're connecting to your corporate networks with personal devices, or home computers, they must be responsibly applying patches and updates to their own systems. Good cyber hygiene requires that you patch and update your operating systems regularly and as often as necessary. Operating systems that were properly patched were protected from this vulnerability by default. Going forward you must implement continuous and ongoing education of your employees. This education cannot be a once a year training course, but rather it must be pervasive throughout the culture of your organization. Because in the absence of security education or experience, people (employees, users, and customers) naturally make poor security decisions with technology. This means that systems need to be easy to use securely and difficult to use insecurely. Your security and data protection education program should include information about the importance of patching your operating systems and the direct tie of “unpatched systems” to vulnerabilities.” Dana Simberkoff, Chief compliance and risk officer at AvePoint @danalouise
  • 17. “This incident exposes how a two-month old vulnerability can cause global panic and paralyze the largest companies and governmental institutions on all continents. Worse, cybercriminals could have easily released this worm just after the NSA's 0day was leaked two months ago, and this would have led to much more destructive consequences. It would be unreasonable and inappropriate to blame the NSA for any significant contribution to this attack. Similar 0days are bought and sold almost every day, and many other organizations participate in these auctions - virtually anyone can (un)intentionally leak an exploit and cause similar damage. The real problem is that in 2017, the largest companies and governments still fail to patch publicly disclosed flaws for months. Practically speaking, the NSA doesn't really need a 0day to get their data - their negligence ‘invite’ attackers to get in. Companies and organizations that have fallen victim to this attack, can consider contacting their legal departments to evaluate whether their IT contractors can be held liable for negligence and breach of duty. Failure to update production systems for over two months - can certainly qualify at least as carelessness in many jurisdictions.” Ilia Kolochenko, CEO of High-Tech Bridge @htbridge
  • 18. “Ransomware is following the same trajectory as phishing. The criminals have worked out how to monetize the crime, and they know which types of businesses are likely to pay up -- and how to collect the money without being caught. It appears that the NSA breach has accelerated the process. Instead of having to develop their own zero-day attacks, the criminals have made use of an arsenal developed by experts at developing cyber-weapons. The U.S. government clearly had its priorities wrong. Whether or not you think the U.S. government should be spending a fortune developing such cyber-weapons, surely it is obvious that the weapons they develop should be properly secured. If someone had lost a nuclear weapon, heads would have rolled. The CIA and NSA have been breached on a massive scale, and now the effects are being felt. What is going to be done to stop further leaks?” Phillip Hallam-Baker, Principal scientist, Comodo @comododesktop