TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • Digital Platforms and Services
  • Open RAN
  • Cloud Native Telco
  • Telcos and Public Cloud
  • The Green Network
  • Private Networks
  • Open Telco Infra
  • 5G Evolution
  • Access Evolution
  • Edgenomics
  • Network Automation
  • 6G Research and Innovation
  • Security
  • More Topics
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • |
  • About
  • Contact
  • |
  • Connect with us
  • Digital Platforms and Services
  • Open RAN
  • Cloud Native Telco
  • Telcos and Public Cloud
  • The Green Network
  • Private Networks
  • Open Telco Infra
  • 5G Evolution
  • Access Evolution
  • Edgenomics
  • Network Automation
  • 6G Research & Innovation
  • Security
  • Connect with TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Industry Announcements

Tracker

Gartner provides three immediate actions to take as WannaCry ransomware spreads

Via Gartner Newsroom

May 16, 2017

STAMFORD, Conn., May 15, 2017

Since its discovery on Friday May 12, the WannaCry ransomware attack has continued to spread. According to European authorities, it has hit over 10,000 organizations and 200,000 individuals in over 150 countries. Although steps have been taken to slow the spread of this malware, new variations are surfacing. Jonathan Care, research director at Gartner, outlined steps that cybersecurity professionals must take immediately.

First and foremost, apply Microsoft's MS17-010 patch . If you don't have it, and you have TCP port 445 open, your system will be hit by ransomware .

Then take the following steps to guard your organization against future attacks of this nature:

  • Stop blaming. While it’s tempting to point the finger at others, one of the key stages of incident response involves focusing on root causes. Microsoft Windows XP, an OS that has been hit hard by WannaCry, can be embedded into key systems as part of control packages. This means that vulnerable firmware may be neither accessible nor under your control. Where you have embedded systems — such as point-of-sale terminals, medical imaging equipment, telecom systems, and even industrial output systems such as smart card personalization and document production equipment — ensure your vendor can provide an upgrade path as a priority. Do this even if you use other embedded OSs, such as Linux or other Unix variants, as it's safe to assume that all complex software is vulnerable to malware.

  • Isolate vulnerable systems. There will be systems that, although not yet affected by malware, are still vulnerable . It’s important to realize that vulnerable systems are often those on which we rely most. A useful temporary fix is to limit network connectivity — identify which services you can turn off, especially vulnerable services like network file sharing.

  • Stay vigilant. Gartner’s adaptive security architecture emphasizes the need for detection. Ensure your malware detection is updated. Check that your intrusion detection systems are operating and examining traffic. Ensure that user and entity behavior analytics (UEBA), network traffic analysis (NTA) and [security information and event management (SIEM)](http://www.gartner.com/it-glossary/security-information-and-event-management-siem//oSecurity Information and Event Management (SIEM)) systems are flagging unusual behavior, that such issues are being triaged, and that incident handlers are responsive. Bear in mind that additional resources may be required to handle the volume of incidents, liaise with law enforcement agencies, and field questions from the public (and possibly the media). Keep technical staff focused on resolving key issues and let someone else answer external questions.

After the crisis, there will be time to learn lessons. At that point, organizations should reviewvulnerability management plans; re-examine approaches to not just protective measures but also key detection capabilities, such as UEBA, NTA and advanced SIEM; perform additional threat modeling; and consider carefully what risks you can afford to tolerate and assess your cloud security. You may also want to assess your cloud security.

Additional information can be found in Mr. Care’s Gartner Blog "Three Things to Do Immediately in the Wake of Wannacry."

Gartner analysts will provide additional analysis on cybersecurity threats at the Gartner Security & Risk Management Summits 2017 taking place inNational Harbor, Maryland ,Tokyo ,Mumbai, India ,Sao Paulo ,Sydney ,London and Dubai . Follow news and updates from the events on Twitter at#GartnerSEC .

Related Topics
  • Announcement,
  • Device Software & Apps,
  • Digital Platforms and Services,
  • Gartner,
  • Media & Entertainment,
  • News,
  • North America,
  • Security,
  • Tracker

More Like This

Open RAN

Aira Technologies Inc. develops world’s first AI-based channel estimation and prediction xApp

Feb 8, 2023

5G Evolution

Qualcomm introduces the world's first 5G NR-light modem-RF system to fuel a new wave of 5G devices

Feb 8, 2023

5G Evolution

Verizon achieves upload speeds surpassing 1Gbit/s

Feb 8, 2023

Open RAN

NEC touts "truly open, truly trusted" approach to network ecosystems for 5G and beyond at MWC 2023 in Barcelona

Feb 8, 2023

Digital Platforms and Services

Vonage recognised as established leader in conversational commerce by Juniper Research

Feb 8, 2023

This content extract was originally sourced from an external website (Gartner Newsroom) and is the copyright of the external website owner. TelecomTV is not responsible for the content of external websites. Legal Notices

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

0:46

The Cloud Native Telco Summit returns this September!

8:32

Azita Arvani on Being a Female Leader at Rakuten Symphony

16:19

AT&T Amy Zwarico on securing telco applications in the public cloud

1:44

Join us for the greatest industry debate of the year!

TelecomTV
Company
  • About Us
  • Media Kit
  • Contact Us
Our Brands
  • DSP Leaders World Forum
  • Great Telco Debate
  • TelecomTV Events
Get In Touch
[email protected]
+44 (0) 207 448 1070
Connect With Us
  • Privacy
  • Cookies
  • Terms of Use
  • Legal Notices
  • Help

TelecomTV is produced by the team at Decisive Media.

© Decisive Media Limited 2023. All rights reserved. All brands and products are the trademarks of their respective holder(s).