Computer systems from Russia to the United States were struck on Tuesday in an international cyberattack that bore similarities to a recent assault that crippled tens of thousands of machines worldwide.
Symantec has said the new attack was using the same hacking tool created by the National Security Agency that was used in the WannaCry attacks. The vulnerability was patched by Microsoft last April, but as the WannaCry attacks demonstrated, hundreds of thousands of organizations around the world failed to properly install the patch.
So our advice is do the patches in a timely manner. Just because the vendor rolls out a patch doesn’t mean anything if you don’t install it. It is an unfortunate truth that the larger and more controlling an organization is, the higher chance it won’t update its software in a timely fashion.
There is still much more to find out about the attack but the lesson is clear. You need to be proactive and do the basics to have any hope of avoiding these attacks. If you do not know what I mean by that take our course ‘The definitive guide to Cyber Exposure’ at the Global Risk Academy http://globalriskacademy.com/p/the-definitive-guide-to-cyber-exposure-management
More when the dust has settled.
Comments