WannaCry? Spare the Tears with a Health Check
May 19, 2017
Featured article by Anne Baker, Vice President, Marketing, Adaptiva
By now, unless you are living under a rock or have gone into some sort of self-imposed exile, you’ve heard about the havoc WannaCry is wreaking on PCs worldwide. In no time at all, this sneaky worm took advantage of systems that had yet to apply a patch for certain vulnerabilities. Shooting across tens of thousands of organizations on Friday, WannaCry affected more than 300,000 systems in over 150 countries, and it’s being dubbed the biggest ransomware offensive in history. So, aside from physically crying, what do you do to ensure that your company is and remains worm-free? Get a Health Check!
Obsessed with trying to protect our customers—many of whom have hundreds of thousands of endpoints—we rallied over the weekend to build a series of WannaCry Health Checks into our Client Health™ product to quickly detect, identify, remediate and secure vulnerable or infected endpoints. So, how does it work?
Detection
First, we created the WannaCry Infection Health Check. It detects systems that have been infected through a thorough evaluation of Indicators of Compromise (IoC). If a system has been affected, it needs to be quarantined immediately, and a decision must be made: reimage the system or pay the ransom (not a fun choice). Thankfully, most companies back up their data and can restore systems, effectively avoiding the ransom but not the hassle.
Patch and Update
We also delivered the WannaCry Vulnerability Assessment Health Check to determine whether all the correct patches and updates have been applied to each system or whether it is vulnerable to the attack. Using a simple interface, system administrators can easily update and execute the proper patches. The WannaCry Vulnerability Assessment Health Check can also add any systems tagged as vulnerable to a ConfigMgr collection so that they can quickly be patched.
Remediate
And finally, there is the WannaCry Vulnerability Remediation Action. To take away any headaches and eliminate future risk, this action will automatically disable the SMBv1 protocol on any machine considered potentially vulnerable and reboot it.
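The remediation step described above can be reproduced by hand on a single endpoint. The following PowerShell is an added example, not Adaptiva's code or part of Client Health; the function names `Get-Smb1ServerState` and `Disable-Smb1Server` are hypothetical, and it covers only the SMBv1 server component, from an elevated prompt.

```powershell
# Added example: audit and disable the SMBv1 server on the local machine.
# Run from an elevated PowerShell prompt. Function names are hypothetical.
$LanmanKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1ServerState {
    # Windows 8 / Server 2012 and later expose the setting through the SMB cmdlets.
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        $enabled = (Get-SmbServerConfiguration).EnableSMB1Protocol
        $source  = 'SmbServerConfiguration'
    } else {
        # Windows 7 / Server 2008 R2: registry value SMB1.
        # A missing value means the default, which is enabled.
        $prop    = Get-ItemProperty -Path $LanmanKey -Name SMB1 -ErrorAction SilentlyContinue
        $enabled = ($null -eq $prop) -or ($prop.SMB1 -ne 0)
        $source  = 'Registry'
    }
    New-Object PSObject -Property @{
        Computer    = $env:COMPUTERNAME
        Smb1Enabled = [bool]$enabled
        Source      = $source
    }
}

function Disable-Smb1Server {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([switch]$Reboot)

    $state = Get-Smb1ServerState
    if (-not $state.Smb1Enabled) { return $state }   # already disabled, nothing to do

    if ($PSCmdlet.ShouldProcess($state.Computer, 'Disable SMBv1 server')) {
        if ($state.Source -eq 'SmbServerConfiguration') {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        } else {
            # The registry change only takes effect after a restart.
            Set-ItemProperty -Path $LanmanKey -Name SMB1 -Type DWord -Value 0
        }
        if ($Reboot) { Restart-Computer -Force }
    }
    Get-Smb1ServerState
}

# Dry run: report what would change without touching the machine.
Disable-Smb1Server -WhatIf
```

Drop `-WhatIf` and add `-Reboot` to apply the change and restart, matching the behavior the Remediation Action is described as having.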
Healthy Systems Save Companies Major Dollars, Resources and Headaches
Wonder if WannaCry is really out to get you and if you truly need a health check? Consider that the organizations most at risk are those operating old systems or maintaining a backlog of patches that haven’t been applied to their systems yet—which includes MANY, MANY companies. If you want a more inside-baseball look, Microsoft’s “WannaCrypt ransomware worm targets out-of-date systems” blog post provides some fascinating reading and great insight into just how easily an existing exploit was weaponized, using some relatively crude methods.
But in short, it doesn’t matter the size of the organization or what industry it’s focused on. Even the most sophisticated Fortune 500 customers, with upward of hundreds of thousands of endpoints, have been affected. That’s why we highly encourage anyone and everyone running a Microsoft environment to undergo a health check to shore up their endpoints. It’s too important not to.
In fact, one of our long-time global customers with more than 250,000 endpoints made the decision a long time ago to prioritize the health of its systems. Today, the organization runs over eight million health checks each day to reduce security risks. It has even developed over 125 custom health checks to ensure that systems remain safe. The company estimates that this practice has resulted in several millions of dollars in cost savings—as well as eliminating thousands of hours spent manually troubleshooting. In the wake of WannaCry, the company’s awareness of and preparedness for even the most sophisticated threats seems to be among its smartest IT decisions.
Given the mass proliferation and disruption caused by WannaCry (which could have been far worse had researcher Marcus Hutchins not accidentally stumbled upon the kill switch), we should all be on red alert for future threats, as hackers will likely be emboldened. In this new world order, let’s be sure that we do all that we can to shore up systems.
See Client Health demo: http://www2.adaptiva.com/client_health_demo.
Learn more about Client Health: http://www.adaptiva.com/client-health/.
Anne brings to the company a unique combination of over 15 years of high-tech marketing experience with a technical engineering background. Anne holds a mechanical engineering degree from Cornell University and an MBA from Seattle University. Her work has earned her recognition as one of the “100 Top Women in Seattle Technology” by the Puget Sound Business Journal and one of the “Top 50 Women in Mobile Content” by Mobile Entertainment Magazine. Anne has led the launch strategies for emerging start-up companies as well as created global campaigns for leading technology companies, such as Microsoft and SAP. For more information, please visit http://www.adaptiva.com and follow the company on LinkedIn, Facebook and Twitter.