Lessons for Telcos from the WannaCry Ransomware attack

The WannaCry ransomware attack and the new threat posed by EternalRocks have exposed the cracks that exist in cybersecurity. These high-profile cyber-attacks have underlined the importance of having insight, intelligence and tools to tackle such breaches. So, what can telcos learn from this attack and what can they do to avoid such attacks in the future? Shashank Venkat examines.

Earlier this month, the WannaCry ransomware attack crippled thousands of computers across the globe. These cyber-attacks targeted a wide range of industries including telecommunications firms, hospitals, universities, and governments. Those who were affected found their systems encrypted, with a demand for $300 in Bitcoins to restore access. According to reports, the attacks hit more than 200,000 computers across 150 countries and raked in over $55,000 for the criminals. Luckily, a cybersecurity researcher from the UK, who goes by the name Malware Tech, inadvertently stopped WannaCry from inflicting further damage.

As businesses recover from this attack, another strain of malware called EternalRocks, which targets the same vulnerabilities as WannaCry, has been discovered. Potentially more dangerous than its predecessor, EternalRocks does not even include a kill switch domain of the kind that was used to stop WannaCry from inflicting further damage. Companies that have not patched their systems since the WannaCry attack remain vulnerable to this new strain of malware. Organisations worldwide should remain vigilant and enhance their security protocols if they want to stay safe in this new form of cyber warfare.
The telecoms industry is in focus because WannaCry also breached the defences of the Spanish telecommunications incumbent, Telefonica. For a company that invests significantly in security, this breach comes as a huge wake-up call. This also highlights the vulnerability of medium and small-sized telecommunications players, who may be more at risk than the telecoms giants of the world. WannaCry and EternalRocks are, perhaps, a blessing in disguise for such businesses, who can now invest in fortifying their networks with high-level cyber defence systems.
However, this is easier said than done. We have seen that despite being aware of imminent cyber-attacks, many businesses have been unable to fight off the threats surrounding them. In fact, this is not even the first time we are hearing about ransomware. Clearly, there exists a huge gap between real-world threats and outdated cyber defence systems.
While cyber criminals are one part of the problem, many breaches occur due to inefficient systems and processes. A case in point is the cyber-attack on TalkTalk, for which the company received a £400,000 fine from the ICO.

So what should telcos do in the aftermath of the WannaCry ransomware attack and the looming threat from EternalRocks?

Make cybersecurity a key organisational strategy – Most businesses leave cybersecurity to their IT and networks teams. Hopefully, this breach has served as an effective reminder to telecoms players to make cybersecurity a key organisational strategy, with buy-in from all teams and departments. Staff need to be trained by experts so that they don't become unsuspecting victims of the next cyber-attack. Communications Service Providers also need to invest more money in beefing up their cybersecurity infrastructure, with prevention being the priority.

Fix vulnerable systems – Don't be under the false assumption that if you were not hit by WannaCry, the house is in order. You may still have vulnerable systems that remain at risk from the next cyber-attack. Make sure that your systems are up to date with the latest patches, even if it means delaying other business processes.

Back up your business data – This may be stating the obvious, but it's still amazing to know the sheer number of companies that keep procrastinating over this important task. Even if they have backed up their data earlier, the backups are often out of date and lack crucial information. Try to have multiple backups – from physical drives to cloud services – updated at regular intervals.

As telcos get ready for the General Data Protection Regulation (GDPR) with newer systems and processes, now may also be a good time to revisit their preparation for risk management, especially considering that telecoms businesses are standing at the cusp of the Internet of Things (IoT), where the threats to connected systems and the underlying data will be far greater than the current vulnerabilities. In fact, if such ransomware were to penetrate an IoT-enabled system, the impact could be much worse than we saw with the WannaCry cyber-attack. As the authorities dabble with building new security standards for IoT, telcos would do well to take matters into their own hands and start investing more in their cyber defences.

Image credit: Wikimedia Commons