But with the growing incidences of malware attacks like the recent WannaCry and Petya ransomware viruses, something had to change. Sweeping new data protection laws coming into effect in Australia in 2018, coupled with WesCEF’s strict focus on safety, provided incentive for the organisation to proactively find a solution.
After taking stock of the problem WesCEF went to market in search of a solution, talking to several vendors in the security space. Following extensive consultations with senior Cisco engineers, it decided on a solution comprising the network specialists’ entire security suite.
One of the most surprising things WesCEF realised as the deployment kicked off was that different security systems weren’t talking to each other or generating proper reports.
A number of malicious email attachments for phishing and whaling were discovered. Whaling refers to specific phishing attacks targeting senior executives, and often contain a high degree of ‘personalisation’ including names, titles and other information intended to extract access to highly sensitive information. The existing system was preventing proper oversight of what staff were doing online. Larson cautions that even legitimate websites providing news or other popular services have been found to harbour malware.
“One of the biggest security concerns for businesses is knowing what their staff are doing,” he says, adding that the deployment of Cisco’s security suite has not only increased protection for the organisation, but it has also led to changes in behaviour and company culture.
“[It] puts us in a stronger position to address threats and risky activity.”
What: Malware First appeared: Friday 12 May 2017 Targeted: Computers running Microsoft Windows OS
How: Uses EternalBlue to exploit Server Message Block (SMB) vulnerability. Implants DoublePulsar backdoor, and uses that to install malware.
Infected, day one: 230,000+ computers in 150 countries Including: UK's National Health Service, Spanish Telefonica, Fedex, Deutsche Bahn