The global cyber attack of yesterday marks a learning opportunity in relation to discussing cyber security with our students. It is important that our students are aware of the implications of such attacks including the impact and also the measures that can be taken to protect against attacks being successful or at least minimise their impact.
So what are the key learning points to take away from this incident and to discuss with our students:
OS and Software Updates:
One of the key points to take away is ensuring that desktop and server operating systems are regularly updated. This includes updates and also upgrading of versions, for example upgrading from Windows 7 to Windows 10. Older operating systems eventually stop receiving support from those that produced it, meaning that new security flaws which are identified go unaddressed leaving users vulnerable. Support for Windows XP ended back in 2014 so users of XP would be vulnerable to flaws identified between then and now. For more modern operating systems such as Windows 7 and 10 the key here is the updates. These updates provide the fixes to security flaws as they are identified and therefore it is important to keep your system updated to make sure vulnerabilities are promptly addressed. This expands beyond operating systems to application software as well, as equally applications which have not been updated may expose users to vulnerability which the appropriate updates would have addressed.
In the case of ransomware backup is critical as the virus will encrypt all files it can get access to. As such at this point you can either pay the ransom which may or may not get you your files back, or, assuming you have kept backups, roll back to your latest backup with only minor loss of data. As such regular backups represent the best protection against ransomware attacks. The more regular the backup the less the loss so a weekly backup means a loss of up to a week worth of work, whereas a nightly backup reduces this loss down to 1 day worth of work in the event of a successful ransomware infection.
The weakest point in the network is usually the user, the human being making use of the system. An IBM report from 2014 identified that 95% of security incidents involved a human being. It is unlikely that this figure has changed much. As such it is important to try and educate users to exercise caution and to be aware of the precautions they should be taking in relation to suspicious emails, password security, etc.
While not protecting you against zero day attacks or new variants anti-virus will provide some protection against existing identified threats. It is also worth noting that new anti-virus products are introducing new capabilities such as heuristic based identification of threats and sandboxing to provide additional protection.
A key security maxim has always been assignment of minimum privileges required. This means ensuring that users only have access to the files that they need to have access to in order to carry out their role. This includes defining whether a user is limited to reading files or can in fact modify or delete them. This also includes whether users have access to specific networks or whether their access is limited, such as in the case of a guest user. By limiting access in this way we limit the impact of ransomware or other viruses to some extent. As such in looking at the resources on our network assigning the minimum privileges is a key step.
The recent attack is the largest attack I can remember since the Love Bug Virus which I vaguely remember from back in 2000. It is likely that such attacks will become more common as we become more and more connected and reliant on technology, adding more and more connected devices into our homes and using more and more software apps in our daily lives. As such, in preparing our students for the future, it is important that we take every opportunity to discuss how these attacks can and do impact on us and how we might all take appropriate precautions. With the latest incident so widely reported in the news, now is a good time.