The IT Pro Podcast: What did we learn from WannaCry?

The IT Pro Podcast: What did we learn from WannaCry?

Five years ago, the security world was rocked by one of the most sudden and widespread ransomware outbreaks in history. Even now, organisations are still recovering from the damage done by WannaCry, and its shadow still looms large over the industry.

While ransomware has remained a major threat for organisations over the last half-decade, we haven’t seen anything as globally impactful as WannaCry since then - so what (if anything) has the industry learned from the incident, and are we likely to see anything on a similar scale again? IEEE senior member and professor of cybersecurity at Ulster University Kevin Curran joins us this week to talk about the legacy of WannaCry.


“First of all, you have to know your assets and what you're protecting, and then have the multi-factor authentication in, but you have to make sure that all your systems are patched and fully up to date. And then you want to have anti-malware, anti-spyware, you want to have real time analysis of the networks… Then you’ve got to train your workforce to be able to recognise social engineering attacks.”

“[Attackers] don't want to be too successful. We found that with the some of the larger attacks, the Colonial Pipeline [attack] against the United States, and the Irish hospital system, which was brought to its knees, so you don’t want to be too successful, because then the authorities will come after you as well.”

“One of the recommendations is, of course, you have automated patch management of your operating system, of your environments, and also of your software. As such, there are tools which can try to, and that do actually take snapshots of your systems, and can restore them… There's companies which specialise in that, whenever you're attacked, that they'll get your system up and running.”

Read the full transcript here.




ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.

For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.