Customer Feedback and Content Management Special - August 2017

siliconindia | | AUGUST 20178IN MY OPINIONCYBERSECURITY: MOVE FROM STATIC TO DYNAMIC POSTURE TO `FUTURE SECURE' YOURSELFBy Maninder Singh, Corporate Vice President & Head Cyber Security and GRC, HCL TechnologiesHeadquartered in Noida, HCL Technologies is a multinational IT services company offering solutions/services majorly in the areas of Applications, BPO, Cybersecurity, IoT, and Infrastructure Management, to name a few.n 12th May'17, unprecedented WannaCry `ransomware' attacks swept across multiple geographies, exposing the vulnerability of enterprise systems. The virulent ransomware `WannaCrypt 2.0' or WannaCry spread over 200,000+ computers across 150 countries and still continues to be a threat. The aftereffects have been huge. Many of the Global 2000 enterprises have been affected, however not all instances are known. The few known instances include impact on medical and transportation services, leading to disruptions such as postponement of surgeries in UK, delayed package and parcel deliveries in U.S., blocked public information display system for trains and transportation systems, and impact on some of the public sector organizations of India.The prime reason why WannaCry has been successful in expanding its tentacles at such a wide scale globally is because of its ability to spread across the organizational network without user interaction by exploiting a known Microsoft Windows vulnerability. Enterprises need to renew their focus on solutions that ensure their systems are secure, or they risk the loss of their data, time, money and most importantly, their credibility. Such ransomware attacks prove that all efforts of threat protection against cyber-protection can never be considered complete; they need to be everevolving to prepare for more and more complicated types of attacks in the future.Let's understand how ransomware works, before arriving at a fourstep approach that all organizations should implement for effective threat protectionHow do `Ransomware' attacks work?The entry point for the worm modules in an organization is generally through a benign looking social engineering email with a luring attachment or an appealing link opened by an unwatchful employee/business user. The attachment/link tricks the user to run the malware which activates the Server Message Block (SMB) exploit. The worm can enter the exploitable systems on the worldwide internet using scanning methods.O
< Page 7 | Page 9 >