Guest Post | Advt. | Query: info@techrecur.com

WannaCry and the update issue – a comment by Dennis Monner, CEO of German-based IT security firm Secucloud


Hamburg, Germany. 22 May 2017 – It was basically only a question of time. Sooner or later, it was clear that cyber-criminals would get their hands on a security flaw that would help them start the scale of attack we saw recently. Nevertheless, its effects still surprised everyone – there were reports practically every minute about newly-infected hospitals, carmakers and transport companies. It made us see how weak our entire digital infrastructure really is. Despite quick-fix security measures, including a patch for obsolete operating systems, companies are not all protected against infection – far from it. That’s because updates and patches are not even an option for many of them. Effective protection needs to start at a completely different level.

Encryption Trojans themselves are certainly nothing new. The unusual factor in this case was the way it spread – a combination of various tactics that made it extremely effective. Once the WannaCry malware has infected a system via a malicious link in a spam mail, it is able to reproduce itself like a worm by exploiting a security flaw. The result: a snowball effect that has apparently infected over 200,000 systems in 150 countries.

Dennis Monner, CEO of Secucloud
Dennis Monner, CEO of Secucloud
The road to hell is paved with good intentions and many companies affected by WannaCry will think that when they hear people say: “If only you’d upgraded to a current operating system. Windows 10 has been protected by a patch since March.” That’s certainly a valid argument at first glance. But unlike most home users, companies are not always in a position to just update their IT infrastructure whenever they feel like it – or even when necessary.

“Never change a running system” and other obstacles
We only need to look at business-critical infrastructures like production machines in manufacturing companies. For security reasons, their control systems may not allow any modifications – and that’s why many production systems are still running on old software like Windows XP. That won’t change anytime soon because traditional machines are designed to run for decades. As a result, replacing a company’s entire fleet of machines with new ones is clearly not an option. There’s a similar situation in highly-regulated industries like automotive and healthcare – they are often subject to stringent compliance requirements that forbid any system modifications.

Even if there are no objective obstacles to applying patches or updates, other factors – such as a lack of time or money – ensure that even critical security updates are only installed after a long delay, if at all. We can still remember the SSL security flaw Heartbleed in 2014: three years after the flaw was made public, hundreds of thousands of systems connected to the internet were still unpatched. The reason is obvious: in large IT installations with several thousand or tens of thousands of systems, applying patches requires a huge amount of time and money. Companies also subscribe to the adage “never change a running system” and are unwilling to take the risk of applying updates with errors and – in the worst case – paralyse their entire production.

Microsoft again reacted extremely fast in this case. Faced with the huge scale of the attack, it even provided a patch against the security flaw for older Windows versions that are no longer supported, such as XP and Server 2003. Nevertheless, there are multiple reasons why even that is not a practical way for many companies to protect their internal systems against infection with WannaCry malware.

Overarching security
This cyber-attack should serve as an eye-opener for us all. Not only as an indicator of the importance we should place on IT security in this era of all-encompassing digitalisation, but also to illustrate the fact that this new reality requires a completely new approach to security. Instead of protecting each PC, machine and other internet-enabled device individually, security should be provided on an overarching level: centrally and universally across the entire enterprise.

Cloud-based security solutions anchor their protection mechanisms directly in the cloud – for example, installed within the internet provider’s infrastructure. All of the customers’ internet traffic is routed via this discrete security system, regardless of the customer’s devices, their operating systems or even their local protection solution. The traffic is searched for threats before the malicious files can get anywhere near the company. That effectively forestalls the initial infection with no need for any system modifications.

This is the approach taken by Secucloud’s cloud-based security solution ECS2, whose Cloud Intelligence technology protected customers against WannaCry malware right from the first attack attempt. The solution’s Advanced Persistent Threat (APT) filter is even capable of detecting still-unknown threats based on suspicious data streams. It isolates these in a sandbox and analyses them before they are passed on to the user’s system. In the case of WannaCry, the Secucloud solution detected the malicious infection email designed to start the infection in a company, categorised it as a threat and thus was able to automatically protect all users against infection. Regardless of the operating systems a company uses or the patches it has installed, Secucloud ensured that the malware couldn’t even get into the company to infect it in the first place.


Further information:
phronesis PR GmbH
Marcus Ehrenwirth
Ulmer Strasse 160
D-86156 Augsburg
Tel.: +49 (0) 821 444 800
Fax: +49 (0) 821 444 80 22
Email: info@phronesis.de
Internet: http://www.phronesis.de/

Secucloud GmbH
Kai Bulau
Poststrasse 6
D-20354 Hamburg
Tel.: +49 (0) 180 5 015 437
Fax: +49 (0) 180 5 015 438
Email: kai.bulau@secucloud.com
Internet: http://secucloud.com/de

About Secucloud
Secucloud is the first German-based provider of a comprehensive, completely cloud-based, enterprise-class security system for telcos and mobile phone operators. The modular Elastic Cloud Security System (ECS2) is installed directly into the carrier’s network infrastructure, enabling it to protect its customers from all cyber-threats on the internet in a centralised way. Customers do not need to install any software on their devices, so no setup or maintenance is required. The Secucloud solution scales elastically and can protect more than 100 million users effectively and in real time. While customers are surfing the web, the various analysers in ECS2 scan all data traffic for malicious and damaging content. To ensure extensive protection, Secucloud combines multiple powerful security technologies, including multi-AV engines, next generation firewall, packet analysers (including deep packet inspection as well as IDS and IPS systems), global cloud intelligence, DNS layer analysers, SSL scan decision, trust & reputation analysers, APT sandbox analysers and content analysers.

Further information about the company and its solutions is available on http://www.secucloud.com/.

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

::::::::::::::::::::::::::::::::::3451:::::::::::::::::::::::::::::::::;;

::::::::::::::::::::::::::::::::::6733:::::::::::::::::::::::::::::::::;;

:::::::::::::::::::::::::::::925:::::::::::::::::::::::::::::::

TRIO STEEL IS ONE OF THE MOST TRUSTED BRAND AND LEADING EXPORTER AND SUPPLIER OF CARBON STEEL, ALLOY STEEL & STAINLESS STEEL PIPES & PIPE FITTINGS MATERIAL. Triosteel is one of the leading Suppliers and Exporters of API 5L Pipe in Singapore. Triosteel also Exports to many countries like Indonesia, Iran, Saudi Arabia & many more. An API 5L pipe is manufactured by adhering to the specifications laid down by the International Organization for Standardization (ISO) 3183.

::::::::::::::3453:::::::::::::

2780

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

2781

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

——————————————–

For the 2012 MLB period, we found an totals forecast Joao’s Renowned Over/Under João Zorro Gonçalves, Zcode Totals Pro, System of the time with progressions that have been successful over 98 98% ... We eventually perfected our over/under program ( Zcodesystemexclusive ), although it h-AS has brought years of investigation. Five Steps to Making a Winning MLB Method: 1. Execute appropriate cash management tools. 2. MLB rules that are comprehend. 3.Extensive testing back to make sure successful longterm results ...

——————————————–

There is always a challenge when you're dealing with the Foreign Exchange Market. That's just the nature of the beast. The best thing you can do is to learn about how the market operates as a whole so that you will be ready to meet these challenges. iq option penipu Never be misled by any profit gains in binary options. This is the number-one way traders end up losing their money and ultimately failing. Remember that the same things that make you laugh can make you cry in this market, and you can lose that $700.

——————————————–

Learning Polish has never been this fun and easy as with our podcasts Learn Polish with Polishpod101 Start today and become conversational in Polish in no time

——————————————–

The Best Website Agen Poker Resmi www.sakupoker.com Terpercaya come join

——————————————–

Do you need edmonton phone systems service ? Call complete communications today!

——————————————–

High-tech solutions for easy start-up of your IPTV/OTT-business

——————————————–

——————————————–

If you want to purchase not only one item, you have a chance to enjoy privileges. There is a sale’ tab on the site which offers a fantastic range of reduced counterfeit watches and accessories, such as sunglasses, cufflinks, watch straps and pens. Luxury Jewelry Replica At MCA.MN On Sale You get a 5% discount if you buy two pieces, this discount increases to 10% if you buy 4 pieces or more. There is free international shipping on all orders on this site. We also offer customers a free return anytime with a 100% money back guarantee.

——————————————–

:::::::::::::::::3452:::::::::::::::::::