WannaCry... I really wanna cry... this whole thing is insane. No, I've not been infected... nor have any of my clients. And yes, it's still possible some of my, shall I say, lesser attentive clients could be infected tomorrow or at some point in the future. But this whole thing is driving me nuts. It wouldn't be a story if IT management had taken security and patching seriously. The malware uses an exploit patched two months ago. If people patched regularly, nothing would be infected. I hate to say this - largely because the policy annoys me and has seriously inconvenienced me on more than one occasion - but this is exactly why Microsoft has started forcing Windows 10 computers to patch and reboot on a monthly (or more frequent) basis.

Let me be clear - there are thousands of new threats EVERY DAY. The way you protect yourself is by being diligent about your own security and learning to use technology / implement technology in a manner that keeps it as secure as possible. Absolute security is not possible - security itself is a balance of minimizing the threat risk and minimizing the user's inconvenience. But the way to be safe - and to protect your valuable information - is to take a tiered approach and, among other things, educate yourself/your users so they understand what to look for. Implement policies that minimize access - we're not trying to suggest your administrative assistant is untrustworthy - but do they really need access to the accounting data to do their job or did you give it to them "just in case"? Have a firewall in place with appropriate rule sets for both incoming traffic and outgoing traffic. Use antivirus but recognize these are FAR, FAR from perfect. And MAKE BACKUPS. INCLUDING Offline Backups. And CHECK YOUR BACKUPS! Make sure something hasn't been going wrong for the last 2 months and they are, in fact, WORKING!

And if you are a consultant, REMIND YOUR CLIENTS about these things - I hate the term, but it's a teachable moment! And if you own a business with IT, ask your IT folks if these things are being done/in place... and if not, GET THEM DONE and in place. And then you can sit back and laugh too the next time the media cries over criminals holding your data hostage... because you'll know you probably won't be hit and if you are, you've got the backups to recover with minimal interruption!
18
LVL 7

Expert Comment

by:Brian Matis
Some speculation I heard about is that this is particularly bad in regions that have a lot of piracy. So they could have pirated versions of Windows that aren't getting system updates...
1
LVL 138
150 Countries affected and at least 250,000 devices, and $48,000 paid so far in Ransom monies!
2
LVL 138
a little bit busy at present!!!!

Layer Technologies.....

1. Anti-virus
2. Patch
3. Whitelist of apps which are allowed to run!
4. Reduce Admin rights!
1

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month