Using VirtaMove to prevent Petya and WannaCry exploitsNigel Stokes
VirtaMove can help you prevent Petya and WannaCry ransomware cyberattacks. In 2016 and 2017, Petya and WannaCry ransomware spread like wildfire across the world, locking hundreds of thousands of computers and hitting big businesses and organizations from hospitals to shipping companies to government departments.
WannaCry and GoldenEye are enabled by the Windows vulnerability EternalBlue, or MS17-010, a critical bug in the Windows code that allows remote code execution. The vulnerability is in older Windows operating systems, namely:
- Windows 8
- Windows XP
- Windows Server 2003
Cyberattacks have been getting more prevalent and smarter, making even more money for ransomware creators and being sold as tools and outsourced services on deep web forums. Since the initial attack last year, Avast has detected and blocked more than 176 million WannaCry attacks across 217 countries. “In March 2018 alone, we blocked 54 million WannaCry attacks.”
While Microsoft released a patch for the vulnerability before WannaCry hit, the ransomware still attacked millions of users because people failed to patch their systems. Avast data “shows that nearly one third (29%) of Windows-based PCs globally are still running with the vulnerability in place” in 2018.
Snoozing on the wake up call
WannaCry should have been a wake up call for IT shops to update and patch their systems. Why the reluctance to do so? Analysts theorize that the foot dragging could be about not understanding patch management, not wanting services to be interrupted, and not getting off older, unsupported operating systems.
A survey of over 200 senior-level security execs performed by Solar Winds MSP and the Ponemon Institute revealed that 40% of surveyed companies believe that they lack sufficient technology to prepare against ransomware attacks and that “many do not seem to have a firm understanding of ransomware and Vault 7-type attacks.”
The SolarWinds and Ponemon survey showed that nearly 50% of organizations believe that they lack sufficient budget to close security holes. Researchers in the healthcare field have found that cyber attacks have been increasing but IT Security budgets have remained static or worse since 2016. “As a percentage of IT organizational budgets, cyber security has decreased to about three percent of the total annual IT spend.”
While insufficient budget may be a fact, doing nothing is not a zero-cost strategy. In reality, doing nothing and hoping that a cyber attack doesn’t happen is costly, keeping organizations sitting ducks to theft of data assets, damage to IT infrastructure, lost revenue, and disruptions to business processes. More than 90 percent of healthcare organizations have experienced a data breach since the third quarter of 2016, and nearly 50 percent have had more than five data breaches during the same time frame, according to a recent report from Black Book Research.
How VirtaMove can help
If you’re running apps on old Windows systems, you need to do the following to address known security issues with unsupported operating systems:
- Upgrade hardware and operating systems. Invest in hardware and software
rather than spend more on cyber security tools.
- Buy new servers to close known hardware exposures like Meltdown and Spectre.
- Move software apps from old OSs like NT WS2000, WS2003, and WS2008 to
modern, secure WS2012, WS2016, and WS2019 systems to eliminate WannaCry and
other malware exposures.
- Use VirtaMove’s automated migration to move apps to a new server and OS,
in a fraction of the time and cost required for manual re-installation and reconfiguration.
You can address and minimize cyber security threats even if your organization faces people and budget challenges, by tackling the issue smartly. Thanks to intelligent automation, VirtaMove’s V-Migrate software can speed up efforts to get applications off vulnerable, unsupported operating systems like WS2003 that are open invitations to ransomware, while keeping costs to do so down. When you’re looking at days to migrate to new, supported platforms instead of months or years, you suddenly have much more budget than you think you had to fix a problem that isn’t going away. You don’t need an army of resources to do the job, with VirtaMove migration expertise on hand as required to ensure success. You can leverage VirtaMove tools to get apps off EOS operating systems such as WS2003 while using your inhouse resources effectively to address other challenges, such as ongoing patch management for newer, supported operating systems.
If you’d like to learn more about how VirtaMove can help you close security holes, give us a call, register for a free demo, or send us an e-mail. We’re always delighted to show you what we can do.