WannaCry Cyber Attack
On Friday 12th May 2017 a cyber-attack was launched on a global scale from an unknown source. This attack quickly took hold, infecting and effectively disabling the computer networks of hundreds of businesses around the world, including the NHS in the UK and FedEx in the USA. The attacker used malware (malicious software) to encrypt users’ data and demand a ransom to enable it to be decrypted. This is known as a ransomware attack and is nothing new; the scale of the attack, however, is unprecedented. The attack is being referred to as WannaCry or WannaCrypt.
What made the attack so devastating was less the payload (the ransomware) and more the delivery method. WannaCry took ransomware and packaged it with a self-replicating computer worm, meaning that once a single computer had been compromised the entire network would quickly follow. The worm exploited a vulnerability in a legacy Windows protocol (SMBv1); the vulnerability was first publicised in an alleged leak of NSA secrets released by a group known as ‘Shadow Brokers’. Microsoft had released a patch to fix the vulnerability and close the security hole in March; every computer that was compromised either had not installed the update or was running an unsupported operating system (primarily Windows XP).
As part of our cyber security policy, all of Incorporatewear’s computers are updated regularly, with critical security patches installed automatically and no user intervention required. This meant we were fully protected against WannaCry. In addition to remaining up to date, if any infection had taken hold on our corporate network it would have been halted by our enterprise-grade firewalls and would have been unable to spread. Incorporatewear does not have any computers running Windows XP.
Although we were fully protected, it has still been a priority in the wake of WannaCry to review patching across our network and ensure we are protected from future attacks. We do not stand still, and in the current climate complacency is not an option. Going forward, cyber security is a major priority for ICW over the next twelve months, as we head towards 2018 and the introduction of the General Data Protection Regulation (GDPR).
In addition to our existing plans to review every single one of our systems and ensure data security is ‘by design’ and not a bolt-on, in the wake of WannaCry we will be implementing some additional ransomware-specific measures to add to our layered cyber security strategy.
At Incorporatewear we take data security very seriously. We hold sensitive data for our customers and its protection is of utmost importance to us. We maintain our PCI DSS compliance through regular recertification, are subject to annual penetration tests by CREST-accredited ‘ethical hackers’ and are constantly reviewing and updating our approach to securing both data and systems.