WannaCry a wake-up call for businesses
15 May 2017
As cybersecurity threats continue to evolve, ransomware is fast becoming the number one cyber security challenge for businesses, irrespective of their size, location or industry they operate in, says Shree Parthasarathy, partner, Deloitte Touche Tohmatsu India LLP
The world is experiencing one of the most widespread ransomware attack with more than 2,00,000 individuals across 10,000 organisations in 100 countries affected in last three days.
The current attack was carried out by a ransomware dubbed as ''WanaCrypt0r 2.0'' or WannaCry. Ransomeware, is a type malware designed to prevent access to a system until a sum of money is paid, usually as Bitcoins. (See: 'WannaCry': second malware wave feared; India on high alert)
In the aftermath of the latest attack over the weekend, organisations are scrambling to determine if they have been impacted and, if so, to what extent.
There are many organisations that are doing nothing, as they do not know what to do since they do not have the skills or resources to review their threat asessment and are hoping that the storm will pass.
The true impact of the attack is yet to be determined, and it is quite likely that it never will be.
As cybersecurity threats continue to evolve, ransomware is fast becoming the number one cyber security challenge for businesses, irrespective of their size, location or industry they operate in.
WannaCry is a wake-up call to enterprises and individuals of the need for better Cyber Security. It also raises awareness to alarming levels and demonstrates the impact that a ransomware can bring to enterprises and clearly demonstrates the shift towards financial gain by attackers.
The alarming sophistication of ransomware, marks a paradigm shift in the cybercrime ecosystem.
The cyber security programmes within organisations needs to evolve to keep pace with evolving threat landscape and should have ability to timely patch systems and detect such suspicious communications.
Unfortunately, the current state of cyber security at most enterprises is not uniformly mature to detect, prevent and respond to these threats in a timely manner.
India is the IT and outsourcing capital of the world and most global organisations have their processing backbone and call centres operations in India.
This and the geo-politics of the region make India a large potential target for planned and targeted cyber-attacks including ransomware.
WannaCry is just the tip of the iceberg and organisations need to reassess the security program and strengthen detection, prevention and response capabilities to counter such attacks.
Safeguarding against outbreaks requires organisations to always keep their systems secure. Constant user awareness towards security can help, while organisations develop a dependable and continually evolving cyber security program.