Wannacry, still the beast of computer security officials?
Three years ago, the computer world discovered WannaCry.
A malicious program that had the possibility in record time to paralyze the IT activity of a company. It's been two years since this program was identified, it continues to scare it officials of computer security.
Why?
It's simple, WannaCry is a computer virus that attacks the system that are not updated. We all know that the update is for a user to fill potential security flaws in the devices they use. It develops when a bug or security flaw is discovered in the system. Then the editor will design a fix that will have to be downloaded by users.
However, it was discovered that prior to the WannaCry virus explosion, companies were neglecting the update phases because it believed that the process would interfere with the structure's business activities. According to a study by cybersecurity firm Tanium, nearly 95% of IT security officials refused to apply security updates because they feared it could have an impact on the company's business. If this kind of neglect was not a problem before, the arrival of the WannaCry computer virus has caused more damage than it should in principle.
In less than a few hours, hundreds of the systems were rendered inoperative, which of course did not fail to create a wave of awareness in the management of computer parks. the update has now become something not to be overlooked, because if some officials had played their part correctly, by running a simple update, some damage could not have happened today. However, it was revealed by another study that companies feel they have difficulty updating their computer parks for three major reasons:
- The diversity of basic software: companies generally make up their computer systems of terminals equipped with many operating systems. These include Windows-equipped computers, which include Windows XP to Windows 10, Mac OS and some Linux system distributions. It is clear that presented in this regard, it would not be easy so to run updates when diversity is so important.
- Multi-site companies: The development of companies today requires a certain dispersion of the sites on which they will be able to set up their headquarters and premises. Like this physical architecture, computer systems also follow this logic. So instead of running a single computer system. A company has to manage several of them. This still makes it more complex to secure measures and standard execution methods for updates.
- Lack of visibility: "There is a significant problem in any company: according to studies, between 12% and 20% of computers and servers are invisible to IT departments!
So how do you know if you need to update machines you don't even know about? That's impossible. To give an order of magnitude, if you take a computer fleet of 20,000 PCs and servers, that's between 2,400 and 4,000 unprotected posts that are all open gateways for hackers! explained Dagobert Levy, Tanium's South Europe Manager.
He also explains that hackers realize that IT hygiene is a real weakness for businesses. For this reason, the company he represents, Tanium, makes its recommendations to all IT security managers: "to have a reliable, real-time knowledge of their COMPUTER fleet and the ability to instantly launch large-scale actions."
Now access an unlimited number of passwords: