• The real reasons behind the WannaCry ransomware

    15 May 2017

    As we continue down the path of yet another major security breach – this time with the ransomware WannaCry – let us remember that it’s not just about the criminal hackers, out-of-control government agencies such as the NSA, or vendors such as Microsoft putting out vulnerable software. Every single one of us working in IT, security, and business today are complicit in these challenges.

    • Outdated/unsupported operating systems are running. We are responsible.
    • Patches are not getting installed in due time. We are responsible.
    • People are clicking links and making other bad decisions. We are responsible.
    • Stuff is happening on the network, sight unseen. We are responsible.
    • Policies are ignored. We are responsible.
    • Unfunded mandates still exist. We are responsible.
    • Systems – even entire network environments – remain untested. After all, you can’t secure what you don’t acknowledge. We are responsible.
    • Underscoped and unauthenticated vulnerability scanning and penetration testing paints an inaccurate picture of the average security posture. We are responsible.
    • Incident response procedures remain undocumented. We are responsible.
    • Credibility and relationships are essential for mastering information security, yet we continue to focus on everything but that. We are responsible.
    • Information security continues to be seen as IT’s problem. We are responsible.

    I don’t know how many more widespread breaches we’ll have to endure but I do know that everyone has a hand in these challenges before us. We can continue down the path of promising that we are compliant and secure when we are, in reality, reacting aimlessly to everything that happens. I know that managing enterprise IT environments is not easy and I certainly don’t envy anyone responsible for securing them. Still, there is so much that most organizations are leaving on the table. But, why?

    Is it people protecting their territories under the guise of long-term job security? Perhaps it’s lack of budget or management buy-in? Maybe it’s an out-of-control user base continuing to not think before they act…?

    Whatever it is, it needs to change. The criminal hackers and those supporting them are not going away. In fact, they look at issues such as the WannaCry ransomware outbreak as yet another reason they need to keep doing what they’re doing. As the saying goes: change before you have to.