One of my biggest fears as an IT manager is coming to work one day and finding out that my company network was hit by a ransomware attack. So you can imagine my reaction when I read the world news on Friday (May 12th) regarding the wide ransom attacks that were taking place and affecting very large institutions, places where you’d think they were completely covered with their security standards. As it turned out, this was happening worldwide but the big hit was felt mostly in Europe.
By now we all know the name of that ransom attack is “WannaCry” (official name Ransom:Win32/WannaCry) and like all other ransomware attacks, it encrypts files on an affected computer as well as any other network files that are available for that computer.
After the encryption, the hackers of this ransomware leave a text message or some kind of a note notifying the user that their files have been encrypted and the only way they can get their data decrypted is to pay cash, and then the “nice” hackers will send over a key to unlock all their files. It’s literally a ransom situation by the mafia in cyberworld!
After reading a bit on the WannaCry ransomware I understood that the best way to protect ourselves from such an attack is to deploy the Microsoft Security Bulletin MS17-010 fix, which was released in March 2017. Yup, not that long ago….hence many organizations and individuals had not done so before the insane cyber attack over the weekend.
As the IT Manager at SysAid, I’m using all the SysAid tools (but of course!) to manage my IT services and support, and that includes SysAid Patch Management, which helps to keep our Windows-based servers and PCs always up-to-date with the latest security patches/updates.
This means that all of my users’ computers were being patched on a regular basis and that the necessary security fix was already deployed. Thank goodness!
To feel completely secure, as an added precaution, I logged in to my SysAid Cloud console so I can asses the deployment of the MS security fix across my network and with a simple report I was able to see which computers had the security fix installed and where it was missing (there are various reasons why a mass patch deployment can fail). Then, with this data from my report, I was able to directly attend to those computers and make sure that the security fix was properly installed on them.
To make a long story short, as with all IT-related security issues, one of the most important things is a fast response!
Finally (a shameless plug), I’d love to share with you this entertaining video that my marketing colleagues put together so you can understand how SysAid Patch Management works: