Experts seek defence strategy over ‘Wannacry’ attacks
Cyber security experts in the country have advised organizations to take cyber security strategy seriously in view of recent ransomware attack that targeted at some 150 countries.
Wannacry is the malware responsible for what is now being regarded as the biggest online extortion attack in history. Technically, it is classified as a worm – a type of malware that is self-replicating and self-propagating.
Malware is any kind software that is specifically made in a variety of forms to disrupt damage or gain unauthorized access to a computer system or network. It includes Ransomware, computer viruses, trojan horses, worms, trojan, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software.
Oluseyi Akindeinde, chief technical officer, Digital Encode, said that organizations must take cyber security absolutely seriously.
“It’s no longer an issue for just the IT departments; it must now be discussed at board level in organizations if we are to maintain the integrity of the infrastructure. The target of such Ransomware is in fact everyone. Everyone with a computer, laptop or server connected to the internet. That is what makes it deadly. Absolutely, everyone should be bothered about it. Even if what you have is a mobile phone as long as it is connected to the internet,” he said.
Akindeinde said that “We are not adequately prepared for such an attack. You only need to see how even countries that were prepared were even affected let alone a country like ours that has no contingency plan in place. However, there is no statistics on the level of infection In Nigeria even though we are aware of a few computers that were affected.”
Nodding in agreement Ahmed Adesanya, IT Security and Connectivity consultant, said that organizations need to establish an incident response team as well as protect their networks by creating and using signatures, detect and respond to yet-to-be-seen threats by using behavour base analysis.
“It is time for all organizations to take cyber strategy as part of organization policy. The target of such attack is sensitive data and financial information because the action of the malware is to encrypt desktop base file and position a Ransomware message on the desktop as a readme file. I believe every organization need to be bothered because this cyber attack spread primarily by exploiting a vulnerability whose manufacturer had issued a critical security update over two months ago,” he added.
Kelechi Agu, technology lead on Security in Signal Alliance said, “as soon as we became aware of the unprecedented spread of the Ransomware attack which was hitting tens of thousands of businesses, worldwide – including the entire British Health Care sector. We immediately gave our clients a breakdown on what we know about the malware responsible for the encryption attacks, and what they can do to stop it.”
According to Agu, the important countermeasures to take are; make sure your endpoint protection solution includes malware recognition and decryption features. If it doesn’t, it is time to invest in one; replicate and back up important business data and services, redundancy is key; and ensure all Operating System patch updates are applied quickly.