Wannacry highlights need for security collaboration

Government and private sector need to work together to improve awareness, best practice and threat intelligence, says Help AG

Tags: Ransomwarehelp AG (www.helpag.com/)
  • E-Mail
Wannacry highlights need for security collaboration There is a increased need to improve security awareness across all sectors, says Solling.
By  Mark Sutton Published  June 1, 2017

The large-scale ransomware attacks of the weekend of 12th-13th May, which severely disrupted the operations of a number of government organisations, highlight the need for better collaboration between authorities and the private sector, according to Nicolai Solling Help AG.

WannaCry ransomware attacks infected well over 230,000 PCs in a short space of time, mainly in Europe and India. The attacks used hacking tools stolen from the US National Security Agency to exploit a vulnerability in Windows.

The malware targeted a vulnerability in Windows, which had been patched by Microsoft in March, but which was still open in some older versions of the OS, notably Windows XP.

Although the attacks were not directed at specific targets, public sector organisations were seriously affected, with disruption to Germany’s national railway, Russia’s Ministry of Interior and Ministry of Health, and several local government authorities, universities and government agencies.

One of the worst affected organisations, the UK’s National Health Service was forced to stop all but emergency health services in some areas. Organisations in the GCC mainly escaped infection because workplaces were closed for the weekend.

Solling said that the initial vector of infection of WannaCry, delivered as a Trojan through a loaded hyperlink disguised in an email, web advert or Dropbox link, showed the need for improved security awareness among all staff.

“As tech-savvy as users are today, they are still prone to being duped by malicious schemes that now look more legitimate than ever before,” he said.

“For this reason, I believe both government and private institutions have a role to play in spreading security awareness which is fast becoming a fundamental element in the battle against cyber-crime. Attackers are increasingly employing social engineering schemes to execute their attacks and these exploit user behaviour and trust rather than technical vulnerabilities alone.

“Bodies such as the UAE’s National Information Security Awareness (ISA) Committee are a step in the right direction to addressing this challenge. This organisation was founded by close collaboration between government and private institution with the objective of developing standards, guidelines, and best practices for the effective implementation of information security awareness programs and workshops across the country.

Public and private sector should also work together in areas such as threat intelligence, Solling said, to improve the ability to raise awareness of and react to security threats.

“Another potential area of collaboration between government and private security companies is Threat Intelligence. The idea behind this is to leverage the intelligence gained from security feeds in order to recognize and act upon indicators of attack and compromise more rapidly. Currently, organisations that utilize threat intelligence rely on data generated from the devices they have deployed, and threat feeds delivered by security vendors such as Palo Alto Networks, Cisco and many others. But the involvement of government agencies in this regard could help create centralised threat data-bases that are frequently updated and drawn upon by organisations to stay up to date with the latest threats,” Solling said.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code