Thursday, 18 May 2017

Ransomware and the Zimbabwean Business Environment: The advent of WannaCry!


Cybersecurity has become one of the most essential boardroom topics the world over as directors grapple with the ever-growing threat of cyber thugs. Having been overwhelmed by the competitive edge offered by automation, large corporates and even MSMEs adopted these systems to remain relevant in the business environment of the time. The Y2K effect further drove home the consequences of automation to every dynamic business. In the year 1999, businesses came face to face with the reality of critical transition as risk managers raised the alarm of possible trials of system transition to the year 2000. However, as the years passed by, firms realised they weren’t as exposed as previously anticipated and normalcy returned to business. Scroll forward a decade and ICT had been transformed to become the centre of service delivery, accounting even for the extinction of a number of careers in the process. With the benefits of automation also came the risks of cyber threats. This illicit industry has grown massively into a billion-dollar alternative career excursion. Systems have been attacked and users have lost personal information to the criminals, who have since evolved into one of the most feared terror campaigners of the present day.

 

On Friday, 12 May 2017, the world woke up to yet another doomsday piece of news: the WannaCrypt ransomware attack should make us wanna cry! Dubbed one of the worst attacks of this generation, the ransomware attacked more than 200 000 computers in more than 150 countries in the shortest period of time ever recorded. The attacks were perpetrated through a known Microsoft system vulnerability; the attackers used leaked techniques for hacking Windows OS that were discovered by the National Security Agency. Despite Microsoft having issued a patch for the vulnerability in March 2017, many legacy systems had not been updated with this patch and thus fell victim to this group known as Shadow Brokers. Despite the discovery of a kill switch by a British firm, MalwareTech, the ransomware has since affected some African countries such as South Africa, Nigeria, Angola, Egypt, Mozambique, Tanzania, Niger, Morocco and Tunisia, and companies, particularly those still using the legacy systems.

 

Why is WannaCrypt special?

WannaCry is not just a ransomware program; it is also a worm. This means that it gets into your computer and then looks for other computers, trying to spread itself as far and wide as possible. Ransomware has a habit of mutating, so it changes over time in order to find different ways to access computers or to get around patches.

So how does this malware work?

WannaCry works by encrypting data on a computer that has been infected. It then tells the user that their files have been locked and displays information on how much is to be paid and when. The ransomware takes control of files on Windows computers and demands payment of $300 in the virtual currency Bitcoin to restore access, with the cost doubling after three days. The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If the ransom isn't paid, the data is often lost forever.

But why did it take so long to find solutions to the attacks and what can be done about it?
Practically, some organisations in Zimbabwe view IT security and cyberattacks more as a business development opportunity than as a chance to put their collective heads together to eliminate threats. The pace at which the industry is growing, coupled with the rate at which Zimbabweans are adopting automation, calls for more concerted efforts to be directed towards addressing information security issues, risk management and overall guaranteeing the continued existence of the firm.

Keep Windows updates off? – Zimbabwe is one of the countries with the highest piracy rate for Windows operating systems and, as such, many of the mechanisms used are directed towards making these systems unable to update. However, protection against WannaCry requires that all systems be properly updated, which highlights a serious challenge for many organisations.

Upgrade legacy systems – in addition, many companies in Zimbabwe are running legacy systems which are seldom updated. This ignorance is driven by the lack of knowledge of the implications of not updating as well as lack of capacity in ICT functions to closely monitor systems updates. The situation is further exacerbated by the lack of standard operating procedures on ICT systems which would allow for continuous monitoring and adherence to global ideals for ICT service management.

Don’t pay - Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.

User Training – in the previous articles that I have written, I have highlighted the importance of people within any information processing system. People are key to the safety of the system from any kind of attack and research attributes their relevance to about 90%! What does this entail? User awareness of how to respond and how they work remains key. Users need to be trained to know their system and to have ownership of that system. When users are well trained and equipped, attackers will find little room to manoeuvre as users will be vigilant. I have noticed that in Zimbabwe, new users rarely undergo IT induction to make them aware of their value to the system. Many thus end up experimenting, for they do not know what they are doing! Managers thus need to invest in continuous training and interaction of ICT functions and other business-related units in order to make them aware of their environment.


Invest – apart from investing efforts in their users, managers also need to channel their resources into the ICT function in the organisation by ensuring that ICT personnel receive adequate training in order for them to properly manage ICT infrastructure. Investment also ought to be put in the direction of research and continuous environmental monitoring. Research allows the organisation to keep abreast of the ever-changing world of technology and hence allows it to cope with the demands of such changes. Moreover, business continuity planning and disaster recovery planning also take centre stage. WannaCry is surely going to test the resilience of such mechanisms as more data stands at risk of being lost. It is the duty of every manager and every user to ensure that information is protected, for WannaCry is a sure sign that more is on its way!