On March 14, 2017, Microsoft released patch MS17-010 for vulnerabilities. For those who did not install the patch for a whole two months after its release, May 12, 2017 was the day panic ensued. The WannaCry ransomware outbreak had arrived.
If asset owners are patching routinely, they would not be susceptible to attacks. Assuming that the appropriate controls are in place such as regular patch management and vulnerability assessments, then this could have been avoided.
Having the right security measures in place will help you prepare for the next attack, which is predicted to be much worse than WannaCry.
Here’s how you can prevent such attacks:
- Endpoint protection – up to date virus definitions to block attacks on each endpoint
- Vulnerability management – vulnerability scanning to identify vulnerable assets
- Threat monitoring – visibility/alerting of potentially malicious traffic
- Log management – keeping logs pertaining to DNS queries and firewall traffic to malicious sites and correlation with other tools
It does get trickier for older devices such as Windows XP and Windows 2003 as these Operating Systems are no longer supported by Microsoft. Fortunately, Microsoft recently provided patches for XP and 2003, due to WannaCry.