Security Market Segment LS
Wednesday, 28 June 2017 09:43

Latest ransomware: enterprise IT teams earn flak Featured


At least two officials from security companies have taken aim at IT teams in businesses after the latest Windows ransomware attack that spread from Europe to other parts of the world overnight.

Ross Brewer, vice-president and managing director of international markets at LogRhythm, said both WannaCry and the latest attack showed "the lack of accountability and focus on basic IT and security fundamentals".

"Core IT operational competencies, such as patch management, back-ups, disaster recovery, and incident response are not well implemented or maintained," he said.

"These are absolutely essential in protecting your company from damaging cyber threats and without them you are left in a perpetually vulnerable state, a sitting duck for these types of attacks, merely hoping that you aren’t compromised. The only actions you take are responsive, only after some other unlucky company was compromised."

Brewer said that security vendors were often criticised for fear mongering and exaggerating the possible consequences of a cyber attack.

"But I think we can agree that recent events are starting to show that the warnings were warranted," he said. "These attacks are targeting our top businesses, banks, healthcare institutions and other critical national infrastructure, are revealing the chaos that ensues when organisations lose control of their data – when are we going to do something about it?"

Tenable technical director Gavin Millard also took aim at business IT teams, saying: "If this attack turns out to be leveraging the same vulnerabilities WannaCry leveraged to spread, or other known bugs that have had patches available for months, there are going to be some awkward conversations between IT teams that failed to patch or protect and businesses affected.

"The publicity around WannaCry couldn’t have been larger, probably eclipsing Heartbleed, yet if this is the same attack vector, it demonstrates a distinct lack of taking threats like this seriously.”

Yaacov Ben Naim, senior director of cyber research at Cyber Ark, said it had been noticed that the latest ransomware appeared to be sparing endpoints that used an US English-only keyboard, pointing out that this "seemingly self-imposed restriction has been seen in nation state attacks".

Malwarebytes ANZ regional director Jim Cook warned that this outbreak would not be the last. "If Shadow Brokers keeps its promise to continue releasing NSA exploits, it seems that this sort of mass infection will become common – so now is the time to ensure you have a decent back-up system, patch process and a current end point security solution in place."

Forcepoint chief executive Matt Moynahan said an important takeaway was "the undeniable trend in the increasing ease by which attackers can penetrate the perimeter and get inside of corporate infrastructure".

"Perhaps even more important to consider is the motivation behind the attack and the harm intended on the target. In this case it was to hold companies ransom for US$300; it could have been much worse. To address these new and evolving threats, we need to understand the intent and motivations behind them.

He said that if there was no investment in the cyber security of critical infrastructure "we will continue to see massive attacks with economic, employee and public safety ramifications. From the government to the boardroom, leaders need to make cyber resiliency a requirement, putting focus and funding behind it".

"While the perception may be that if we criminalise cyber attacks we will inhibit innovation, the reality is that if we do not treat cyber crime more seriously, attacks like WannaCry and Petya will start to feel even more commonplace than they already do.”

The Shadow Brokers, which dumped a number of NSA exploits, among them EternalBlue which was used in the WannaCry attack, has said that any future exploits would only be available for sale on a subscription model.


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments