Five years ago, the security world was rocked by one of the most sudden and widespread ransomware outbreaks in history. Even now, organisations are still recovering from the damage done by WannaCry, and its shadow still looms large over the industry.
While ransomware has remained a major threat for organisations over the last half-decade, we haven’t seen anything as globally impactful as WannaCry since then - so what (if anything) has the industry learned from the incident, and are we likely to see anything on a similar scale again? IEEE senior member and professor of cybersecurity at Ulster University Kevin Curran joins us this week to talk about the legacy of WannaCry.
Highlights
“First of all, you have to know your assets and what you're protecting, and then have the multi-factor authentication in, but you have to make sure that all your systems are patched and fully up to date. And then you want to have anti-malware, anti-spyware, you want to have real time analysis of the networks… Then you’ve got to train your workforce to be able to recognise social engineering attacks.”
“[Attackers] don't want to be too successful. We found that with the some of the larger attacks, the Colonial Pipeline [attack] against the United States, and the Irish hospital system, which was brought to its knees, so you don’t want to be too successful, because then the authorities will come after you as well.”
“One of the recommendations is, of course, you have automated patch management of your operating system, of your environments, and also of your software. As such, there are tools which can try to, and that do actually take snapshots of your systems, and can restore them… There's companies which specialise in that, whenever you're attacked, that they'll get your system up and running.”
Read the full transcript here.
Footnotes
- The IT Pro Podcast: Should companies spy on their employees?
- A month in the life of a social engineer – part one
- Crypto.com confirms $34 million hack caused by 2FA bypass exploit
- Colonial Pipeline CEO confirms $4.4 million payment to DarkSide hackers
- What is WannaCry?
- WannaCry showed the world how not to write ransomware
- Over two-thirds of companies still run software with WannaCry flaw
- WannaCry's ghost is still wreaking havoc five years on
- Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries
- Irish Health Service hit by ransomware attack
- Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft's August Patch Tuesday
- Visa pins end-of-week outage on 'hardware failure'
Subscribe
-
Managing NHIs in the enterpriseIndustry Insights Enterprise concerns about managing non-human identities create channel opportunities
-
Apple just released an emergency patch for a zero-day exploited in the wildNews Apple is warning millions of users of iPhones, iPads and Macs to update their software to protect against an out-of-bounds write vulnerability
-
Can cyber group takedowns last?ITPro Podcast Threat groups can recover from website takeovers or rebrand for new activity – but each successful sting provides researchers with valuable data
-
July rundown: Salt Typhoon and SharePoint scaresITPro Podcast US public sector organizations are under serious threat from the state-backed hacking group
-
Can the UK ban ransomware payments?ITPro Podcast Attempts to cut off ransomware group profits could instead harm businesses
-
We need to talk about operational technologyITPro Podcast Groups like Volt Typhoon are abusing poor hygiene in critical infrastructure to pre-position for attacks
-
‘The worst thing an employee could do’: Workers are covering up cyber attacks for fear of reprisal – here’s why that’s a huge problemNews More than one-third of office workers say they wouldn’t tell their cybersecurity team if they thought they had been the victim of a cyber attack.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
April rundown: MITRE frights and Microsoft launches Recall (again)ITPro Podcast As CISA delivered an eleventh-hour reprieve for the CVE database, AWS reportedly began to pause some data center leases
-
The new era of cyber threatsITPro Podcast With AI-powered attacks and state-backed groups, security teams face face a new wave of sophisticated threats
