WannaCry: Top 5 lessons learned [Commentary]


The WannaCry ransomware brought with it some unexpected consequences. It spread to an estimated 150-plus countries and impacted more than 300,000 computers. It had a substantial impact.

Recent estimates place the overall range of financial implications from $4 billion to $8 billion. Most of the impact is due to loss of productivity as well as costs associated with recovery, malware removal and re-imaging hard drives.

Ransomware infections are growing. There is an estimated 36 percent increase in ransomware strains per year.

There were a number of lessons learned from this particular ransomware event. Here are the top five:

1. This event has many national cyber defense leaders calling for closer collaboration among countries.

Rogue nation-states may resort to malware attacks to create disruption of computing capabilities that is nothing more than an annoyance.

Reuse of previously used malicious code is common, and that alone does not provide insight into who is behind the attack.

The continued use of unsupported software poses substantial risks and must be addressed in all essential/critical systems.

5. The Un factor (unknown devices and unknown patches) are sitting there waiting to be compromised and used by attackers.

Some might say we learned that paying ransom demands does not mean a system will get unlocked. That is certainly true, but has been known for several years. Maintaining an accurate technology/devices/computer asset inventory is essential to maintaining timely backups and systems’ security.

Perhaps the lesson we should all learn is that global collaboration, communication and coordination is necessary to get ahead of malware infestations. In looking at all of this, one must realize that we have known all of this for years and yet we still suffer from these attacks! One has to wonder what it will take to correct these well-known shortcomings!