How can companies combat WannaCry ransomware?

In the wake of a worldwide hack that affected 150 countries and led to thousands of computers losing their data, Networkers’ Shaun Turner examines the causes behind the spread of this attack, the skills businesses need to mitigate the risk of further attacks and the effect the attack has had on the current cyber security recruitment market.

What caused the attack?

The recent attack was caused by ‘ransomware’ - a type of malicious software designed to block access to a computer system until a sum of money is paid - that demanded $300 per computer to release sensitive files. At the beginning of the attack it was suspected that the malware was spread by phishing emails; however, this is now widely disputed by experts. Instead it is believed the affected computers would have been vulnerable nonetheless, due to the computers still running old operating systems and users not upgrading their anti-virus systems.

What can be done to protect IT systems?

The recent cyber-attack highlighted to organisations across the world the importance of checking for vulnerabilities in IT infrastructure. It also showed the importance of acting quickly to secure these vulnerabilities to prevent malicious software and phishing schemes infiltrating and corrupting systems. Experts suggest that as a minimum, IT departments should be upgrading security systems on a regular basis, as well as ensuring users have the latest and safest software installed. 
How should organisations prepare for the future attacks?

Businesses, government departments and SMEs are realising the need to employ full time cyber security experts to ensure they are best positioned to manage attacks and isolate malware at source.

One of the many ways organisations could prepare against cyber-attacks could be to hire a penetration tester who has the job of hacking into the company’s existing systems and networks to identify vulnerabilities. These professionals will be Certified Ethical Hackers (CEH certified) and will have gained experience from a variety of different sources from their education at university or even through trialling and testing they have conducted in their own time.

Once the vulnerability has been discovered, depending on whether it is in the network infrastructure, software or even hardware the penetration tester will pass on the details to the Chief Information Security Officer (CISO) or another cyber security professional in a more senior or managerial role to then make a decision and brief in the relevant cyber security team on what work needs to be done. These professionals will have Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certifications as well as vast experience in the security of systems within various industries.

If the vulnerability was found within the network infrastructure the CISO would inform the Network Engineer/Firewall Engineer to mitigate or secure the vulnerability. Network Engineers will have different skills depending on what operating system the organisation is using. For example, if it was a Cisco system, the Network Engineer would possess a CCNA/CCNP certification.

Encouraging signs already being seen in the market

Since the attack we have seen an upswing in requests for IT professionals to help resolve the problems across the country and to test the systems of a number of organisations. Also, unsurprisingly, we are seeing an increase in the number of enquiries we have received for full time cyber security experts who can work on the IT infrastructure of an organisation to ensure it is as safe as possible. This upswing is a sensible move; investing in specialist staff in the short term is a great way to save money in the long run. However businesses and government departments will need to move quickly, before it is too late….Again.

To see our latest cyber security vacancies please click here.

Recommended articles

Top in News & insights

Related fields of work

Back to top