Don’t WannaCry No More: Ridding Ransomware With IBM MaaS360 With Watson
As the WannaCry ransomware attack continues to unfold, over 230,000 endpoints have already been affected globally, and experts predict that number will grow in the days ahead.
All organizations must act quickly to patch their vulnerable Microsoft Windows machines and learn from this event to prepare for future incidents of similar scale and significance.
Avoiding Ransomware With MaaS360
If your organization is among the thousands that have been affected, IBM Security has been tracking this attack closely since its discovery and released WannaCry response best practices to help IT professionals work toward a resolution. If you’ve been lucky enough to avoid the attack thus far, now is the time to ensure that your enterprise is well-defended from ransomware or other potential threats.
In hindsight, the WannaCry ransomware attack was made possible by the exploitation of a known vulnerability in the Windows operating system. For the most part, supported versions of Windows could have been patched as early as March 2017. For older versions, such as Windows XP and 8, special patches were issued on Friday, May 12.
In either case, the capabilities offered by IBM MaaS360 with Watson, our cognitive unified endpoint management (UEM) solution, were available to help customers prevent this attack through regular patching of their older Windows operating systems. No other UEM, enterprise mobility management (EMM) or mobile device management (MDM) solutions deliver support from a single platform for the older Windows versions that were affected.
Although any endpoint’s software will inevitably become outdated, its ongoing maintenance becomes no less relevant in preserving enterprise security until it is fully decommissioned and disconnected from network resources. For this reason, MaaS360 provides dedicated support for legacy operating systems across all device form factors.
Regular Patching and Maintenance
Keep in mind that the vast majority of exploits occur against known vulnerabilities of unpatched endpoints, which means they are preventable.
MaaS360 cognitive UEM allows organizations to manage all endpoints — smartphones, tablets, laptops, desktops, ruggedized devices, wearables and the Internet of Things (IoT) — from a single platform, making it easy to keep all systems current with OS and third-party software updates.
MaaS360 customers had the ability to patch their Windows Vista SP2, 7, 8.1 and 10 devices in March, when Microsoft released the original security update. The platform also made it easy for customers who had not applied the patch to determine which endpoints required the update and track them to completion.
Emergency Patching and Updates
The WannaCry attack was so impactful that Microsoft deployed updates on the day of the incident for older operating systems such as Windows XP and 8. This required organizations to quickly distribute patches to applicable laptops and desktops.
At that time, MaaS360 customers had the capabilities that were needed to access and distribute the new update. At the click of a button, managed endpoints would have received the update whether they were on the network or in a coffee shop.
MaaS360 supports patch management and updates across all popular operating systems, including legacy versions from Microsoft and Apple. The solution offers the full assortment of laptop management capabilities that are unavailable through alternative UEM, EMM or MDM offerings.
Discover and Understand Threats More Quickly
Earlier this year, IBM made history by announcing the industry’s first and only cognitive approach to UEM, available through MaaS360 with Watson.
MaaS360 customers who manage their laptops and desktops alongside their smartphones and tablets were well-equipped to quickly understand the WannaCry attack and take remediation actions.
The cognitive insights and actionable intelligence offered by Advisor are built directly into the MaaS360 platform to help customers quickly discover and adequately respond to attacks of this nature.
This is a vastly different approach that improves the experience beyond what traditional endpoint or mobile device management solutions are capable of. To learn more about cognitive UEM, including ways it can help your organization navigate the modern threat landscape, register for the May 25 webinar.