 |
| Dhakad discusses what is damaged during a security breach. |
"While digital transformation is happening we are also seeing a deep rise in cybersecurity attacks."
The
WannaCrypt (WannaCry) global attack in May illustrates the state of the
security landscape today, Dhakad said. Although Microsoft patched the
vulnerability on March 14, exploits from the National Security Agency
exposed by a group called the Shadow Brokers
on April 14 led to opportunistic coding that resulted in the appearance
of the WannaCry ransomware on May 12 and a wave of attacks that involved
150 countries.
 |
| Dhakad with a collage of the different advisories Microsoft sent out in the aftermath of the WannaCry attack. |
Dhakad noted that WannaCry had gone for easy targets that allowed it to spread quickly: those using old systems whose operating systems were 'out of service', no longer supported by Microsoft, and so lacked the essential patches against it; the systems which had delayed patching, or which were using non-genuine software which is unable to gain access to patches. A lack of data backups also meant that victims were unable to recover from the ransomware attack, he added.
What was unusual is that Microsoft took the unprecedented step of patching systems which were out of service, Dhakad shared, in addition to the usual customer guidance. "It was an act of responsibility
that Microsoft did. We were not obligated but we felt for our customers," he explained.
Microsoft has recently updated Windows XP again in anticipation that the same users can be attacked again, Dhakad said, though Microsoft continues to recommend upgrading to a newer, more secure system.
"Everyone is a target," Dhakad warned, especially if they need their data. "You need to move fast – when patches
are available, criminals are moving faster than businesses," he said.
The ideal situation would be to get patched on an automated basis, such as happens with Windows 10, he advised. And while WannaCry simply took advantage of a known vulnerability and attacked those with poor 'IT hygiene', "there will be attackers who will not make a noise but they will
infect faster, they will steal faster and they will stay hidden," he warned.
With 100% data protection impossible to achieve, it is now critical for CEOs to drive IT hygiene and a higher level of cyber protection. Their jobs are on the line when a security breach happens, Dhakad said, pointing to resignations of the Bangladesh bank governor and Sony senior executives in the wake of security breaches. "If people at the top are not thinking about (cybersecurity), those companies are at serious risk of being damaged to the point of no return," he said.
The DCU, which tracks some 41 million IP addresses and monitors 228 known threats, continues to uncover millions of infections in Asia, including 2.4 million in China and 1.5 million each in Indonesia and Vietnam as of several days before.
"All of these threats are known threats. The antivirus should be cleaning them, and there are patches. The situation is quite grim," Dhakad said. "It is like leaving the doors and windows open in your own home. Anybody could walk in and do anything they want."
Interested?
Read the details of the June 2017 Windows security update for older platforms. At the time of the release, Eric Doer, GM, Microsoft Security Response Center said: "Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies. Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly. As always, we recommend customers upgrade to the latest platforms. The best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations. Older systems, even if fully up-to-date, lack the latest security features and advancements."
Browse the TechTrade Asia blog posts about:
The hidden payloads in pirated software in Asia
The WannaCry saga
Microsoft patching older systems against WannaCry
No comments:
Post a Comment