Cyber-Security- WannaCry, Petya/NoPetya, Myths, Protection Plan and Guide
May 2017 would be remembered as one of the horrifying months for many firms and individuals who were under threat of WannaCry, followed by Petya. During this period, Google trends showed them as most searched keywords, few firms ran a scan to make sure things are in place, and many individuals were scared to perform any financial transactions. Now as August approached people have forgotten the “threat” and working to build something new and innovative. Is this the way we perceive security?

Original Image — Huffpost
. Myths of Security
Many firms and individuals have not yet recognized what it means to be secured, here are some of the common myths prevailing in institutions and individuals.
* *Firewall protects me from all harm and danger : While firewall could help in creating a barrier for unrestricted access to a private network, it is not enough for you to protect from cyber threats like malware, data breach, ransomware or viruses.
** I do not need complicated and expensive solution for my simple business/personal machine : While you build/buy a home for yourself, don’t you look for the security measures even if that means cutting on luxuries? Similarly for any business [big/small] or personal laptop protecting against the threat is crucial as once your data is lost or you lose your brand, it would be hard to recover it.
**I do not have anything critical that would attract attackers : As per IBM report, 62% of cyber-attacks are aimed at small and medium sized enterprises, as they are easy targets.
**After the attack, I would be able to restrict the damage done : You could cross the bridge when you come to it, but as per Trustwave Report, 81% of reported intrusions are highlighted by external sources like fraud monitoring or news rather than internal security processes.
**I have a strong password : While inputting the password, the analytics besides it shows “very strong, ” and you are delighted as powerful password protects your system. Be it iris scanner, biometrics or keyboard driven password all are susceptible to be hacked and cracked.
**Security will have lowest ROI : Do you mix investment and insurance? Similarly assigning ROI to security aspect itself is not a right notion. Since Security features itself to protect you and assuring you an ROI. Both in terms of tangible and non-tangible aspects to business.
. Fact Sheet of Two Ransomware attacks

Sources — Cloudendure , Franciskim , ZDnet and CNBC
. Protection Plan for Enterprises, Small Businesses, and Consumers against Ransomware
Less than half of global SMBs think they’re at risk of suffering a ransomware attack this year, despite more than 60% having already been affected, according to new research from Webroot. Just two-fifths (42%) claimed ransomware was a significant external security threat this year, despite major global attacks such as WannaCry and ‘Petya.’ Higher up on the list were DDoS (43%), phishing (47%), mobile attacks (48%) and “new forms of malware infections” (56%). So what could be done to protect your business or personal machine from these threats?

Source — TrendLabs
. Quick Guide to Cyber Security
As pointed earlier ransomware is not the only security threat that businesses need to gear up for, there are phishing, malware or DDoS so what could be done to prevent against any such attacks. Follow our quick guide –
**Continuous Monitoring : Continuous monitoring of logs and network is essential to detect unusual patterns or unauthorized access to the system. One could use cyber security analytics that could help you in breaking down the barriers.
**Get Educated : Establish Security process within an organization. Dos and Donts, security training, etc. to all your employees so that they know what as an organization is being done to fight cyber threats. USB’s or other media storage devices being used in several computers often carry viruses with them. Hence it would be beneficial first to get it checked or could be made inaccessible.
**Install Regular Updates : One of the prime reason the ransomware WannaCry came into existence was that many people did not refresh the security patch provided by Microsoft. So, make sure to schedule such process and be up to date.
**Structuring User Privileges : Not all users need Admin controls, while some firms have strict admin role policy small & medium enterprises allow it to all users, it would be wise to review these permissions. Many firms also provide access to domains and servers via common id, making it difficult to back track to a person who might have done something unethical. Structure the user management with strict guidelines on ethical and unethical practices.
**Device Management : With firms gladly accepting BYOD or all-time connectivity via mobile and multiple devices, it is crucial to monitor the access and make sure each device is secured via a VPN.
**Back up your data : With cloud solutions now accessible, it is important to back up your data periodically. Even the working files and other critical pieces need to be present at Local LAN so that if a machine gets corrupted/hacked, there is no data loss.
David Bernstein once said — For every lock there is someone out there trying to pick it or break in. At Teknospire we believe in the same and hence respect and adhere to security. Our technology solution follow the multi layered security process that includes continuous monitoring, regular updates, authorized access and above all scheduled back up of data to deliver Safe Solutions to our clients.
REFERENCES
A four step plan to prevent Ransomware attacks
Emerging Hadoop based cybersecurity solutions break down barriers
SMBs are ignoring the Ransomware threat: Report
The 7 Outages That Wreaked Havoc in Q2 2017
10 steps to Cyber Security
‘Petya’ ransomware: All you need to know about the cyberattack and how to tell if you’re at risk
Petya ransomware attack: How many victims are there really?
5 common misconceptions about Data Security
AUTHOR(S)
Pranesh
Chief Technology Officer
Samiksha Seth
Content Strategist
Originally published at teknospire.com.
