30 Days after WannaCry

abdullahamir's picture
abdullahamir

WannaCry or Wcry represents the latest version of a growing threat called Ransomware – a tailored piece of malware designed to exploit specific vulnerabilities in the operating systems of its victims’ computers.

Malware outbreaks are not infrequent, but Wcry spread so rapidly that it revealed vulnerabilities in the business planning, employee preparation and internal procedures of organizations all over the world. A majority of affected systems were running outdated versions of software, with no access to updates because the vendor had phased out support to these legacy systems.

The financial services industry sector is no stranger to the phenomenon of outdated software. Many of today’s financial systems still run on UNIX based platforms developed in the 1980s and 1990s, which often are no longer supported by vendors.

What the financial sector can learn from the Wcry fallout is the importance of investing in a sound risk management framework that involves technology change management as well as updated software – all of which could have prevented Wcry.

Investing in a sound backup and continuity plan can also enable organizations to quickly rebuild and recover systems in the event of a cyber-attack or ransomware impact and eliminate any need to pay ransom. Most law enforcement agencies and cyber experts would caution against paying the ransom as it may open the victims up to further exploitation and potential identify theft.

Financial services organizations and their leadership have a duty to protect their customers’ financial interests as well as their own institutions. This begins with a dedicated cyber agenda at the Board level along with the formation of a cybersecurity action committee reporting directly to the CEO.

Bank-wide vulnerability assessments across all of the business units that are C-level driven and business-aligned should be prioritized. Additionally, a dedicated cyber security business unit should be formulated with the goal of assessing and implementing new types of capabilities, processes and functions to combat growing threats.

Finally, encouraging bilateral and multilateral communication mechanisms with other banks in the marketplace, and interfacing with regulators to inform of threats and share information of potential breaches as well as threat intelligence from local, regional, and international partners can provide the contextual understanding needed to proactively defend institutions from future threats.

What do you think about WannaCry Ransomware? Are you affected as well? Let us know in the comment section below!