WannaCry Ransomware Exposes The Lack Of Preparedness In Organisations

The recent ransomware attack dubbed as ‘WannaCry’ has proved that organisations across the globe including in India are under prepared to cope with such cyber attacks. This also reinforces that despite the ‘best’ measures, cyber attackers are one step ahead of us. India’s cyber security agency CERT has issued a red alert advising internet users in the country to update their Windows systems to the latest version and encouraged users not to pay the ransom as this does not guarantee files will be released.

Ransomware, a type malware designed to prevent access to a system until a sum of money is paid (usually as bitcoins), has gained popularity since 2005 though the first ransomware virus, AIDS Trojan, was reportedly created by a Harvard trained geek in 1989. Most recently, ‘WannaCry’ has affected more than 2 lakh individuals across 10,000 organisations in 150 countries in last 3 days.

India is a major potential target for planned and targeted cyber attacks including ransomware as it is the IT and outsourcing capital of the world with most global organisations having their back offices and call centres operating out of the country. “WannaCry is just the tip of the iceberg and organisations need to reassess the security program and strengthen detection, prevention and response capabilities to counter such attacks,” says Shree Parthasarathy, Partner, Deloitte India. “Organisations’ cyber security program needs to evolve to keep pace with evolving threat landscape and should have the ability to timely patch systems and detect such suspicious communications. Unfortunately, the current state of cyber security at enterprises is not mature enough to timely detect, prevent and respond to these threats.”

Dr Dharminder Nagar, MD, Paras Healthcare says that the recent ransomware attack is like a nightmare come true. “Unfortunately, given the lackadaisical approach we often give to cyber security, an attack of this scale was only waiting to happen. While India, as also other Asian nations, have been relatively less hit, we must take this as a serious wake-up call. We are highly underprepared to meet such attacks, with data of millions of people under threat. We cannot prepare to move to a paperless, cashless society until our e-systems are secure. When it comes to healthcare, India’s systems have only recently turned to IT-based procedures. As more and more hospitals digitise their systems, it is highly important for us to take security aspects very seriously.”

IBM Security feels that this ransomware onslaught is a resounding reminder of security basics and hygiene that is required for organisational networks. “The incident could have been avoided if critical patches were applied on time throughout companies across all industries. Enterprises constantly struggle to stay on top of regular patching cycles as this can impact day-to-day operations in some cases,” says Kartik Shahani, Integrated Security Leader, IBM ISA.

IBM said it has a global incident response and intelligence services (IRIS) team equipped to work with affected clients, and those using IBM’s BigFix security patching or QRadar Network protection technologies, have been better protected from this attack. “IBM’s Managed Security Services team has raised the AlertCon to level 3, which brings a higher level of focus and resources for our clients. We are also leveraging Watson for cyber security to analyse the data and derive insights to prevent future incidents…”

Security company RSA recommends, “If your Windows devices have not been infected by the ransomware yet, please patch now to prevent future infection, do disable the SMBv1 protocol if you are not using it, and test and make sure your backup and recovery strategies/solution is working and is not impacted by the ransomware.”