As for organisations, Gerrit Lansing, Chief Architect, CyberArk, suggested securing privileged credentials as a way of preventing themselves from becoming victims of ransomware.
"We are now seeing instances where attackers can use privileged credentials to find and destroy data backups, which have been typically relied on by organisations to recover from the attack and avoid paying the ransom. Back-ups alone are no longer enough, especially if organisations are exposing privileged credentials to attackers. This means organisations may have to choose between complete data loss and paying the ransom. Eliminating the attacker's ability to access administrative credentials to propagate ransomware beyond the initially compromised machine is an essential action to defend against future ransomware attacks and limit damage," he said.
Sanjay Aurora, Managing Director, Asia Pacific, Darktrace, recommended using artificial intelligence (AI) to detect threats in the earliest stages, so damage can be mitigated. "In the latest generation of AI-based cyber defence, the technology can spot an attack and take action against it, even before humans have had time to notice. Security teams cannot face this challenge without the right tools in place."
As for Ben Gidley, Director of Technology, Irdeto, he urged organisations to implement a defence in depth approach where many layers of security are implemented throughout the company's IT infrastructure. "Currently, most companies focus on protecting their systems from the outside-in with strong perimeter security. But it's too easy for hackers to get past the perimeter, especially in an open environment which is commonplace for most organizations today. By implementing a defense in depth approach, even if the hacker finds a way to break in, they won't be able to steal, or hold hostage, what's inside."
Meanwhile, Bill Taylor-Mountford, Vice President, Asia Pacific & Japan, LogRhythm, said that the WannaCry ransomware campaign highlights that education and security awareness need to be prioritised. "This attack could have been less damaging if people updated their machines but not many of us do. People need to be aware that cybercrimes are now big business and we are all potential targets. In Asia Pacific, 80 percent of organisations are confident that they are confident of their cyber resilience, but only 44.5 percent proactively check if they are truly secured. Organisations need to be sure and not assume they are safe. Overconfidence in a cybersecurity infrastructure is a risk Singapore cannot afford to take."
There are currently no known ways to recover files encrypted by WannaCry. CSA advised users whose systems have been infected to remove the network connection from their computer to prevent the ransomware from spreading. They should then rebuild their effected computer, patch it with the recommended patch, and restore the system from the backup.
Sign up for CIO Asia eNewsletters.