Computer with WannaCry written on the screen

A Month After WannaCry: How Do We Stop the Next Threat?

It’s been almost a month since the WannaCry ransomware attacks crippled businesses and governments in more than 150 countries.

Though the attack was short-lived with a “kill switch” quickly identified, the disruption sent a clear message: As bad actors become more powerful and bold in their attacks, organizations must step up their game to stay safe online.

WannaCry caused more disruption than we have seen in quite a while because it combined next-generation threats and vulnerabilities with automation. This style of attacks – and ones aimed at specific industries – should be expected in the future.

While DXC and other experts have suggested that this threat style would be prevalent in 2017, organizations tend to be in various stages of preparedness. Patching regimes need to be reviewed. Network traffic needs to be inspected more.  Backup routines need to be strengthened, and systems that are almost stand alone should be included in IT inventory monitoring.

Dealing with these new threats requires us to look well beyond typical mechanisms to protect, detect and respond. At DXC, we are using big data and analytics to find anomalies before they grow into bigger issues, something that could work on a WannaCry-like attack that has code for built-in testing whether the user wants to run it or not. Extending this approach with the use of security mechanisms such as honeypots and black holes could also help.

Ultimately what’s needed are smaller attack domains. This can be accomplished by compartmentalizing and segregating network activity. Also, by integrating with vendors early in the process of vulnerability identification, organizations can improve their security posture. Some of this is already underway, and having a partner ecosystem that links engineering teams is critical.

In the near future, I see artificial intelligence and robotics helping the cause. These tools will draw on the combined power of (anonymized) data from multiple organizations. This type of collaboration and sharing of best practices will be essential to the fight.

As digital transformation continues across organizations, enabling seamless, instant connectivity between people, applications, devices and things, security must remain top of mind. As organizations continue to invest in proven security technologies and grow their security awareness, our information assets have a fighting chance.

Take this self-assessment to see if your organization is ready for the next attack.

This post first appeared on DXC.Technology in June 2017.

Chris Moyer

Author: Chris Moyer

Chris Moyer is the DXC Technology Chief Technology Officer for the business group and leads the DXC Mobility and Workplace practice. As the CTO, Chris leads a trusted group of technical advisors, providing technology roadmaps, applying innovation and governing solutions that deliver business outcomes for clients. As the leader of the Mobility and Workplace Practice, he is responsible for establishing the services portfolio DXC clients use as the window into their information – whether in an office or on the road. Supporting over 500 different clients and 6 million devices, the Practice provides CIOs with secure delivery of information assets to their organizations and customers. Chris Moyer is currently also working with Microsoft on a joint Go to Market strategy.