The IT Pro Podcast: What did we learn from WannaCry?

Five years ago, the security world was rocked by one of the most sudden and widespread ransomware outbreaks in history. Even now, organisations are still recovering from the damage done by WannaCry, and its shadow still looms large over the industry.

While ransomware has remained a major threat for organisations over the last half-decade, we haven’t seen anything as globally impactful as WannaCry since then - so what (if anything) has the industry learned from the incident, and are we likely to see anything on a similar scale again? IEEE senior member and professor of cybersecurity at Ulster University Kevin Curran joins us this week to talk about the legacy of WannaCry.

Highlights

“First of all, you have to know your assets and what you're protecting, and then have the multi-factor authentication in, but you have to make sure that all your systems are patched and fully up to date. And then you want to have anti-malware, anti-spyware, you want to have real time analysis of the networks… Then you’ve got to train your workforce to be able to recognise social engineering attacks.”

“[Attackers] don't want to be too successful. We found that with the some of the larger attacks, the Colonial Pipeline [attack] against the United States, and the Irish hospital system, which was brought to its knees, so you don’t want to be too successful, because then the authorities will come after you as well.”

“One of the recommendations is, of course, you have automated patch management of your operating system, of your environments, and also of your software. As such, there are tools which can try to, and that do actually take snapshots of your systems, and can restore them… There's companies which specialise in that, whenever you're attacked, that they'll get your system up and running.”

Read the full transcript here.

Footnotes

• The IT Pro Podcast: Should companies spy on their employees?
• A month in the life of a social engineer – part one
• Crypto.com confirms $34 million hack caused by 2FA bypass exploit
• Colonial Pipeline CEO confirms $4.4 million payment to DarkSide hackers
• What is WannaCry?
• WannaCry showed the world how not to write ransomware
• Over two-thirds of companies still run software with WannaCry flaw
• WannaCry's ghost is still wreaking havoc five years on
• Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries
• Irish Health Service hit by ransomware attack
• Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft's August Patch Tuesday
• Visa pins end-of-week outage on 'hardware failure'

Subscribe

• Subscribe to The IT Pro Podcast on Apple Podcasts
• Subscribe to The IT Pro Podcast on Google Podcasts
• Subscribe to The IT Pro Podcast on Spotify
• Subscribe to the IT Pro newsletter
• Subscribe to IT Pro 20/20