What kind of email attachments will carry the exploit?
Which users, countries and industries are most vulnerable?
How much Bitcoin will the ransom cost?
We wish we had the answers to those questions, but we don’t. We spend all our time studying vulnerabilities and exploits so you don’t have to, but even with all of our research, we can’t give you any specifics about the next ransomware attack.
Except that it will be another big pain in the neck.
Which brings us to the important question that we can answer:
“What can I do to guard against the next ransomware attack?”
Maybe you’re one of the lucky ones
A few days after the outbreak of WannaCrypt (or WannaCry, since that’s what it made a lot of IT administrators do), we hosted a panel of experts in a 30-minute webcast called The Next Massive Ransomware Attack and How to Prepare. In case you missed it, we’ve made it available to you on demand.
The consensus is that guarding against the next attack isn’t easy, but it’s a lot easier than trying to predict when the attack will take place.
But maybe you’re one of the lucky ones.
Maybe the kill switch was flipped before WannaCry made it to your environment.
Maybe you don’t use Server Message Block (SMB) file sharing in Windows, so you weren’t vulnerable.
Or maybe you heard about WannaCry, madly patched your machines and managed to stay ahead of the nightmare.
If so, then you’re pretty lucky. Do you feel like counting on that kind of luck again? Better not let your CIO/CISO know that that’s your anti-ransomware strategy.
Guarding against ransomware
Here is a small sample of the areas you’ll hear our experts cover in the webcast:
- Backups – We assume that, if you’re in this profession, you buy in to backing up your data. But the worry we hear the most from IT staff is not that they have backups; it's that they’re not confident in their ability to restore from them.
- Local administrator rights – These rights make life easier for network administrators until a disaster like ransomware comes along. They can be a big point of infection by allowing people to self-administer their machines and possibly disable programs that protect them.
- Inventory and reporting for patches – With so many different vulnerabilities on endpoints, if you don't have a good overview of your patch status, how do you know where to start? Is everyone running on the same version of updates and fixes?
The webcast will help you build a better checklist of how to stay prepared for the next ransomware attack, which will surely come.
On-demand webcast: “The Next Massive Ransomware Attack”
Listen to our 30-minute, on-demand webcast titled The Next Massive Ransomware Attack and How to Prepare. Among all the scary bits about vulnerabilities and rogue executables, you’ll hear how industry experts look at ransomware in a broader context. You’ll also hear about tools for monitoring and hardening your network. It’s a good investment in getting ready for the next big one.
Also listen to our on-demand webcast titled The Cost of Doing Nothing: A Ransomware Backup Story. It contains more details on shielding your organization from such attacks, with strategies for responding if ransomware does get in the door.
Your alternative is to start laying in a supply of Bitcoin. But hurry; the price is rising quickly.