Petya and Wannacry Are Just Small Parts of a Bigger Cyber Security Problem

Technology > Security

Popular cyber threats Petya and Wannacry are just small portions of a bigger problem that remains unseen, according to experts. At present, several Australian organizations are formulating mechanisms to counter the increasing threat of ransomware.

These high profile cyber attacks have put multinational corporations on notice, including international corporate law firm Minter Ellison. According to Gary Adler, the firm’s chief information officer, Minter Ellison encounters at least 10 million spam emails yearly, many of which would be relative to phishing and ransomware attacks. While most of these cyber threats are being controlled through a third party security system, Adler acknowledged that the firm has endured minor ransomware attacks that have been controlled through the use of back up devices.

Ransomware usually happens when an unwitting employee clicks on a link indicated in an email that contains the malware. Once launched, the ransomware collects privileged data from the system and locks up the same until a ransom is paid in return for the data stolen.

Adler has enforced a stricter company policy of regular patching, backups, and other tests to protect the firm’s integrity and security, as well as its 2000 computer users in the best way possible.

A recent BDO/AusCERT survey reveals that a quarter of Australian businesses had suffered a ransomware attack during the past year. BDO Partner Leon Fouché said that recent ransomware attacks such as WannaCry and Petya had shifted the tone, resorting to large-scale, premeditated attacks that have become the norm and exposed small and medium enterprises to potential system damage.

The CIO of a particular property business in Sydney, who insisted on remaining anonymous, said that it adopts patching data through the cloud system. According to him, one of the cloud’s key benefits is that it is necessary on the part of the provider to possess the highest level of patching and security.

In response, PwC's APAC cyber leader, Steve Ingram said that the cloud system does not absolutely spare an organization from a potential cyber attack. For instance, a cyber threat that has originated from China called the "cloud hopper" was able to penetrate managed service providers en route to its industrial targets.

Minter Ellison's Gary Adler opines that while ransomware cannot be totally eliminated, the effects can be mitigated through consistent and coordinated efforts.

"Security technology won't solve all your problems – it's one of four inputs along with process, policy, people and behaviours," Adler further said.

Photo by: geralt via Pixabay