The global security business requires a change in outlook, as it has reached a tipping point with regard to breaches and outbreaks. In recent years, digital security agencies have been met with a surge of data breaches that have proven to be dangerous. The need to protect international corporations is at an all-time high, considering the way hackers have evolved over time. Digital experts have conceded their most troubling shortcoming: an inability to understand how their employees interact with critical data. By inadvertently downloading or accessing dangerous files, employees can put an entire organization at risk.
There have been many cyberattacks in the past twelve months, including Petya, CloudBleed and the exposure of the details of around 198 million voters across America. Even Emmanuel Macron’s politically charged campaign was under threat of being derailed by a massive attack.
Cyberattacks are always a threat to the global populace, and it’s important that we learn from mistakes and commit to preventing them from occurring again. Here’s a look at how the WannaCry ransomware virus affected businesses worldwide and how it was mitigated by one clever security expert at the right time, thus saving companies billions of dollars of revenue and business.
The WannaCry ransomware attack in May 2017, carried out by the WannaCry ransomware cryptoworm, targeted PCs running the Microsoft Windows operating system. It attacked by encrypting and scrambling data and demanding ransom from victims in the form of Bitcoin. Bitcoin cannot be traced back to the source or receiver, and it has evolved to become one of the most popular modes of payment online. Fortunately, the virus contained a ‘kill switch’ that prevented it from spreading completely.
The WannaCry code had a built-in check for a specific URL. If the URL was inactive, the ransomware continued with execution. But when the URL became active, it shut down. This helped reduce the spread of the attack.
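One defensive use of the URL check described above, as an added example that is not part of the original article: any host that looks up the kill-switch domain has run the worm, so resolver logs can be triaged for infected machines. The domain is a placeholder (the article does not name the URL), and the log format, status labels and function name are assumptions made for illustration.

```python
from collections import defaultdict

# Placeholder: the article does not name the kill-switch URL. Substitute the
# real indicator from your threat-intelligence feed.
KILL_SWITCH_DOMAIN = "killswitch.example.invalid"

# Constructed sample resolver log (hypothetical format):
# timestamp, client IP, query name, query type, response code.
SAMPLE_DNS_LOG = """\
2017-05-12T08:01:02Z 10.0.4.17 killswitch.example.invalid. A NOERROR
2017-05-12T08:01:05Z 10.0.4.22 intranet.corp.example. A NOERROR
2017-05-12T08:03:40Z 10.0.9.3 KillSwitch.Example.Invalid A NXDOMAIN
2017-05-12T08:03:41Z 10.0.9.3 killswitch.example.invalid A NXDOMAIN
2017-05-12T08:04:10Z 10.0.7.8 killswitch.example.invalid A REFUSED
malformed line
"""


def triage_kill_switch_lookups(log_text, domain=KILL_SWITCH_DOMAIN):
    """Map each client that queried the kill-switch domain to a triage status.

    Either status means the host ran the worm's URL check and needs isolation.
    'contained': every lookup resolved, so the URL could appear active and the
                 worm could shut down (DNS success is necessary, not sufficient).
    'at_risk':   at least one lookup failed or was blocked, so the URL looked
                 inactive and the worm may have continued executing.
    """
    target = domain.lower().rstrip(".")
    rcodes = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed records instead of aborting the triage
        _ts, client, qname, _qtype, rcode = fields
        # DNS names are case-insensitive and may carry a trailing root dot.
        if qname.lower().rstrip(".") == target:
            rcodes[client].add(rcode.upper())
    return {
        client: "contained" if seen == {"NOERROR"} else "at_risk"
        for client, seen in rcodes.items()
    }


if __name__ == "__main__":
    for host, status in sorted(triage_kill_switch_lookups(SAMPLE_DNS_LOG).items()):
        print(f"{host}\t{status}")
```

Hosts marked `at_risk` are the ones where a DNS filter or missing route made the URL look inactive, so they are the first candidates for checking whether encryption took place.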
Around 200,000 computers in 150 countries were infected. Such a massive ransomware campaign had not been seen before on a global scale. The National Health Service hospitals in England were among the worst affected, with around 70,000 computers, scanners, blood-storage refrigerators and theatre equipment falling prey to the campaign. Some of them even had to divert or stop their ambulances, causing massive chaos.
The Nissan Motor Manufacturing plant in Tyne and Wear, England had to halt production after the virus affected its systems. Even Renault, the French automobile producer, suffered losses due to the ransomware affecting its systems. However, the attack’s impact did not proliferate, as it was curbed at an early stage. This was because a security expert was independently researching the ransomware and figured out that the ‘kill switch’ was in-built, thus stopping it from spreading further. Even with his timely intervention, global businesses lost close to $4 billion.
Enterprises need a comprehensive and evolving strategy to defend against these growing threats.
Enterprises need to implement a multi-layered approach to security, with defined processes and controls at each layer.
No security will work if the people who play a critical part in the overall system are not kept up to date on security aspects. Each organization should define security policies and procedures based on its business requirements and aligned with various global standards. People should be trained on these policies periodically and updated about the latest threats.
Physical access to all assets handling data (datacenter, servers, switches, storage, network) needs to be secured with access control and surveillance systems.
Network security is one of the most important pieces, as the network is under constant threat. The perimeter and internal LAN should be well protected by following well-established network design and standards. Encrypting all data transfer, implementing internal and external firewalls, network isolation, traffic monitoring, logging and alerting are some of the measures that could be adopted for securing the network.
All endpoints (desktops, laptops, mobile) should be kept updated with the latest threat protection software and patches, with encryption enabled and a host-based IPS.
All access to data should be managed through an identity and access management system.
The process is holistic and multi-layered to ensure that there is no discrepancy on any end. Such a thorough and full-fledged check of the system ensures that threats cannot enter easily.
CSS Corp has over 10 years of experience in providing security solutions to customers with complex infrastructure and requirements in multi datacentre and cloud environments.
The CSS Corp security solution framework encompasses industry-standard best practices and partnerships, along with AI-based analytics and automation, to provide the best security solution to enterprises. These enable enterprises to adapt to the security requirements of today’s dynamic environment.
We do security:-
For a large variety of retail chains, CSS Corp helped in securing end-point devices in thousands of stores with a smart cybersecurity solution. The primary focus was on reducing risks and improving efficiency and was done with the help of comprehensive security measures across stores. This assisted in maintaining consistency. Also, by enabling new-age cyber security solutions such as the intelligent Security Operations Center (iSOC), which allows the retailer to analyse, monitor and respond to threats, CSS Corp was able to detect them quickly. The Cyber Attack Thwarts Services (CATS) also helped retailers to assess vulnerability and security risks.
Any anomalies in end-user systems were detected with intelligent tools. Also, culture-specific assessments were conducted to identify how devices from a specific store might contribute to cyberattacks. The outcomes were revealing: