kraloz - Fotolia

WannaCry attack should spur ransomware and XP migration activity

The high profile global ransomware attack at the end of last week should get the phones ringing as customers turn to resellers for advice about security and getting off outdated operating systems

The huge WannaCry ransomware attack that brought parts of the NHS to a standstill at the end of last week has thrown the focus onto a couple of areas that should be bread and butter for the channel.

The first is to get out there and start selling ransomware solutions and the second is to make sure that any remaining customers on Windows XP navigate off the unsupported operating system as quickly as possible.

Security vendors have been pushing the ransomware message for most of the last 12 months with products and accreditations all part of efforts to get more partners engaged. But the events of last week will have cranked awareness up to another level and put the issue in the spotlight.

“Security companies are often criticised for fear mongering and exaggerating the possible consequences of a cyber-attack. However, this aggressive strain of ransomware is a solid example of the chaos that can ensue when organisations aren’t prepared and don’t have control.  The truth is, a successful cyberattack now has the potential to be more damaging and detrimental to a business than any recession," said Ross Brewer, vice president and managing director of EMEA at LogRhythm.

"Almost every organisation—large or small—is vulnerable to ransomware but we are starting to see more public outings of bigger, more high profile attacks hitting the headlines suggesting that the worst is yet to come. Each new report should be seen as yet another reminder for organisations to take cyber security seriously, before we have the cyber equivalent of a pandemic," he added.

On the back of the latest attack Timico and Datto shared research that revealed two thirds of UK firms have no ransomware policy in place.

“It’s not just a case of the data loss and financial cost to the business. A ransomware attack can have a debilitating effect, with long-term consequences across the business, with the company even breaching terms of any regulatory bodies that the business holds themselves accountable to," said Nabeil Samara, chief digital officer at Timico.

The Timico and Datto research also found that 85% of those firms that had been hit by a ransomware attack suffered disruption for at least a week and had a negative financial impact because of the problems.

Pretty quickly after the size of the ransomware problem came to light the next question was why it happened and fingers were pointed at the use, particularly in the NHS, of the Windows XP OS.

Sharing his assessment of the ransomware attack in the TechMarketView daily HotViews newsletter Martin Courtney, principal analyst at the firm pointed the finger at those public sector organisations still using outdated software.

"There are fears that WannaCry may have also stolen sensitive data rather than just scrambling local files. If that is the case, whole databases of personal details could be sold on and used to launch further cyberattacks, resulting in expensive regulatory fines and a haemorrhage of customers for the organisations hit," he wrote.

"Nor is the NHS the only UK critical national infrastructure provider that runs on outdated security platforms and operating systems like Windows XP which no longer receive automatic updates and are in need of a refresh," he added "The government knows it has a problem, and has consistently harangued private industry to improve its cybersecurity defences whilst seemingly failing to move quickly enough itself."

Read more on Data Protection Services