The most obvious effect of the WannaCry ransomware attacks in May 2017 is in terms of raising awareness of such attacks and their potentially crippling effect on businesses.
The initial wave of WannaCry attacks affected more than 200,000 computers in 150 countries, with the NHS being the most affected in the UK, causing disruption at hospitals and doctors’ surgeries.
Of the 600 business decision makers and 1,200 employees polled across the UK, US, Germany and Australia by security firm Clearswift, 77% said they had knowledge of the attacks.
In the UK, the awareness level was above average, with 88% of UK respondents saying they had knowledge of the WannaCry attacks.
In the wake of the attacks, 58% of firms in the UK are expecting another attack in the next few months, demonstrating that WannaCry has sent ripples through the industry and brought cyber security front of mind for employees and businesses.
The survey revealed that as a direct response to the WannaCry attacks, 29% of UK businesses will now add cyber security to the boardroom agenda and 29% of firms worldwide have pledged to implement stronger cyber security measures.
With 80% of UK employees increasingly worried about how companies hold their data and the same proportion across all employees polled sharing those concerns, it is no surprise that 38% of those employees who said they were aware of WannaCry are now reading more about cyber security.
In addition, 33% said they have changed their passwords, 24% said they have formally enrolled in security courses, and 26% said they are taking steps to ensure their companies raise their game in cyber security.
Gap between security pros and boardroom ‘may be closing’
Guy Bunker, senior vice-president of products at Clearswift, said while UK employees are worried about the practices of the custodians of their data, the gulf between frontline security professionals and board members may be closing with 29% now recognising cyber security has a place at the boardroom table.
“Organisations need to answer the clarion call we are hearing from employees to learn from these events and start to raise their game and update their policies, procedures and technology to mitigate against future attacks, as well as preparing for the introduction of new data regulations that are on the horizon,” he said.
Respondents in the public sector took a slightly more relaxed attitude to how their data is held, with more than a quarter (28%) not being worried by the attacks compared with 17% in the private sector.
With the NHS being front and centre of the attack, the survey report said it was surprising that UK employees who were aware of the WannaCry attack were less likely than those in the US, Australia and Germany to change their passwords, read more about cyber security or even ask their company for advice.
The US (49%) proved most likely to action change, followed by Australia (43%), Germany (37%) and then the UK (35%).
However, the fact that more than half (55%) of those aged 18 to 24 who were aware of the WannaCry attack have taken the initiative to read more about cyber security – with 29% enrolling in courses or certifications – bodes well for the future, the report said.
Bunker said an educated workforce that is briefed on policies and procedures will go some way in limiting the effects of a breach.
“However, boards need to take a proactive stance on this. Having the latest security technology enables organisations to stop attacks at the boundary, before they enter a network, by removing the source of an attack from documents and attachments shared into an organisation,” he said.
‘Disconnect’ between concern and action, says expert
Similar trends were identified in a survey of 290 security executives across 11 countries in Europe, the Middle East and Africa by information services firm Neustar.
The Neustar survey revealed that 60% of respondents said the WannaCry global attacks have had a direct effect on the way they protect their enterprises.
The findings are part of a broader survey of security professionals conducted by the Neustar International Security Council (NISC). The study was launched in May 2017 to enable customer organisations to discuss the latest trends in cyber security with leading experts around the world.
“With the majority of respondents indicating that recent global attacks have directly affected their protection choices, it shows that – while awareness exists – there’s a disconnect between the concern of attacks and companies actually taking action,” said Rodney Joffe, head of NISC and Neustar senior vice-president and fellow.
The Neustar survey also revealed that respondents ranked ransomware as the most concerning cyber threat, with 28% of respondents selecting this type of threat, and system compromise ranked second with 21%.
At the same time, 44% of respondents said they have focused on increasing their ability to respond to both ransomware and distributed denial-of-service (DDoS) attacks, confirming that priorities for security leaders are avoiding both ransom requests and website disruption.
The broader Neustar survey will be used to compile an ongoing Cyber Benchmarks Index that is designed to enable NISC members and the wider cyber community to track changes and trends in the perception and attitudes of security professionals in relation to the threat landscape.
When asked if criminals were increasingly behind threats, 49% of respondents thought they were. When asked if they thought threats from unknowns were on the increase, 38% of respondents agreed.
Responses from future surveys will reveal how the perception of the threat landscape changes over time, and currently show that threats are thought to be increasing most from the world at large (58%) and least from within an organisation (30%).
“Understandably, security professionals have their finger on the pulse of the threat landscape, with the survey responses demonstrating their clear knowledge of attacks and attackers,” said Joffe.
“Tracking who respondents think attackers are and where attacks come from will be interesting, as we will be able to see how global events and news headlines might, or might not, influence the answers,” he said.