Network Communications News (NCN) NCN-Sept2017 - Page 10

TALKING POINT WannaCry ransomware (and the rest) shows why enterprises need to plan for chaos While the WannaCry ransomware infections now seem to be declining from their peak last month, the chaos following the global attack is far from over, says Reuven Harrison, CTO and co-founder at Tufin. T he malware that swept around the world infected more than 300,000 computers in 100 countries, and continues to hit companies such as Honda, shutting down production. In the UK, NHS hospitals were particularly badly hit – possibly because of a reliance on an older version of Windows – and many are still dealing with the aftermath. Like many computer worms, the WannaCry malicious code replicates and spreads itself among networked computers, causing untold havoc within large organisations that rely on vast computer infrastructure – such as the NHS. And if that wasn’t enough, whilst recovering from the WannaCry attack, many organisations found themselves in the firing line once again, when the Petyawrap (or NotPetya) infection – so named because it masquerades as the Petya ransomware – was unleashed last month. The malware exploded across the world at the end of June, taking out organisations from banks to electricity grids. This successive attack is further proof that modern IT infrastructures are incredibly vulnerable. But it doesn’t mean that enterprises are defenceless. Attacks like Pertyawrap and WannaCry are only going to increase in frequency and severity unless companies take proactive action that brings order to an otherwise chaotic environment, improving the security of the information systems they maintain in the process. 10 | September 2017 Luckily, there are solutions that bypass this complexity and transform a ‘chaotic’ enterprise network environment into a more secure and compliant network. An automated approach to network segmentation is one of the solutions. C o m p l ex i t y i s t h e re a l i t y o f to d a y ’ s e nte r p r i s e n et wo r k s . M u l t i p l e ve n d o r s a n d p l at fo r m s , p h y s i c a l n et wo r k s a n d h y b r i d c l o u d , n ot to m e nt i o n n et wo r k d ev i c e s a n d t h e r u l e s t h at m a n a ge t h o s e d ev i c e s . T h at ’ s j u s t h a l f t h e c h a l l e n ge . N ow c o m b i n e t h at s c e n a r i o w i t h t h e fa s t p a c e o f c h a n ge t h at i s re q u i re d to ke e p a n et wo r k o p e rat i n g s e c u re l y a n d o pt i m a l l y , w i t h t h e a d d e d p ote nt i a l fo r h u m a n e r ro r o r m i s c o n f i g u rat i o n s , a n d t h e l eve l o f c o m p l ex i t y , a n d i n d e e d t h re at , i n c re a s e s eve n m o re . Proper network segmentation divides a network into different security zones which limits the exposure that an attacker would have in the event that the network is breached. Nevertheless, the reality of a dynamic environment which requires ongoing changes to application connectivity implies a high risk of configuration errors. The potential consequence of such errors is sub-optimal segmentation, which means that events can unfold quickly and escalate into an attack – such as WannaCry – finding its way into your network via just one overlooked open port. This is particularly the case when it comes to poorly managed f&Wv2ǖrWFFFWGv&6VvVFFw26V7W&GvW'2FV7W&RFBFPWGv&6VvVFF2FV@F&VvWB6vW2vFW@6vrFvFR'W6W726vFB&fW762f6pFV&RvגbWGv&6WGB7&V6VB6V7W&GF&VG2W"Gf6R2FR7W&PRf"62BWB6PV7W&W2FB'&r&FW"FFW'v6R6F2BVf&VBf"gW'FW"f&Ff6CwwrGVf6