Skip to main content

WannaCry failed to be enough of a security wake-up call

(Image credit: Image source: Shutterstock/Martial Red)

The WannaCry ransomware attack was a wake-up call for many IT professionals, but not for all of them, according to new reports from Lastline.

During the 2018 RSA Conference in San Francisco, 200 IT pros were randomly selected to talk about ransomware and security measures in the aftermath of WannaCry. More than half (55.6 per cent) said they were well prepared for an attack of such scale. However more than a third, 35.6 per cent said they had made changes but still don't feel secure against ransomware. Almost one in ten (8.8 per cent) said they had improved nothing.

“The fact that the WannaCry incident was not a more serious wake-up call for such a significant portion of companies, particularly a whole year later, is somewhat concerning,” said Marco Cova, chief web threat analyst at Lastline. “While it is encouraging that so many organisations have made some appropriate changes, the severe operational disruption that a ransomware attack can have on an organisation means that ‘some’ changes are not enough.”

The majority also thinks ransomware is here to stay, at least for this year, and four fifths (81.2 per cent) think the number of ransomware attacks will increase in 2018, compared to the year before. Only 6.8 per cent believe there will be less attacks.

"While being completely secure against any threat may not be feasible, there are a number of steps that organisations can take to improve their security posture,” continued Cova. “Our recommendations include keeping all systems and devices up to date with the latest patches, compartmentalising vulnerable or more at-risk devices in isolated network segments, having (and testing) backups, and using systems that monitor network and system activity for signs of intrusions.”

Image source: Shutterstock/Martial Red

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.