Tags: wannacry | ransomware | microsoft | patch

One More Lesson to Learn From the 'WannaCry' Ransomware Attack

Image: One More Lesson to Learn From the 'WannaCry' Ransomware Attack
A view of the new Microsoft Surface Laptop following a Microsoft launch event, May 2, 2017, in New York City. (Drew Angerer/Getty Images)

By Lee Gruenfeld
Tuesday, 23 May 2017 10:16 AM Current | Bio | Archive

Last week I wrote about the latest malicious virus to hurtle its way around the globe. The dangers were thankfully largely contained, albeit by no means over, but considerable damage was wrought in the few days the beast was in full-throated roar.

One positive outcome was that the public at large got a valuable lesson in the risks associated with such attacks and, one hopes, followed expert advice in implementing some simple defenses to thwart similar, inevitable intrusions.

As it turns out, however, there is (at least) one more lesson to be learned. It’s not well known, but it’s very real. Fortunately, it’s also easy to address.

I learned about this from Dr. Charles Popper, Partner and CEO of the TechPar Group in New Jersey. (Disclosure: I’m a Principal Advisor with this firm.) The lesson is this:

The threat to your Windows-based computer is at its very highest immediately following the release of a new security patch from Microsoft, but before you install it.

To understand why this is so, you need to know a little about how the bad guys operate. This is how Dr. Popper explained it to me. Don’t worry: it’s very easy to follow.

Hackers are always on the lookout for a new security patch from Microsoft. They install it on one of their machines the instant it’s available. Then, they do a detailed comparison of the newly updated Windows to the version just preceding it. This gives them a very clear picture of exactly what the Microsoft patch changed.

Which gives them a very clear picture of the security vulnerability Microsoft was trying to fix.

Now they have a roadmap of exactly how to go about building a virus to exploit that security hole. If they get it out and spreading quickly enough, they can infect every computer that hasn’t yet installed the patch.

You gotta give ‘em props for ingenuity, misguided and evil though it might be.

Your defense against these dark arts? Simple: Don’t delay in installing those patches. Make sure your Windows settings are configured to do that for you automatically. Do that and also follow the advice in last week’s column, and you should be reasonably safe.

At least from that type of threat. Hey: It’s a jungle out there…

Special note to those of you with an interest in the Internet of Things: On July 17 & 18 I’m speaking at two sessions of IoT Evolution Expo in Las Vegas, one of the most prestigious international conferences devoted to the Internet of Things. The first is an address on the changing role of tech support; the second is a panel I’ll be chairing on how the regulatory environment can help or hurt IoT business opportunities. The organizers of IoT Evolution have kindly offered a 20% discount off the registration fee for readers of “A Walk on the Tech Side.” If you’re interested in joining me at this important event, please have a look at the details on the Cholawsky & Gruenfeld Advisory website, here.

Lee Gruenfeld is a managing partner of Cholawsky and Gruenfeld Advisory, as well as a principal with the TechPar Group in New York, a boutique consulting firm consisting exclusively of former C-level executives and "Big Four" partners. He was vice president of strategic initiatives for Support.com, senior vice president and general manager of a SaaS division he created for a technology company in Las Vegas, national head of professional services for computing pioneer Tymshare, and a partner in the management consulting practice of Deloitte in New York and Los Angeles. Lee is also the award-winning author of fourteen critically-acclaimed, best-selling works of fiction and non-fiction. For more of his reports — Click Here Now.

© 2017 Newsmax. All rights reserved.

1Like our page
2Share
LeeGruenfeld
Hackers are always on the lookout for a new security patch from Microsoft.
wannacry, ransomware, microsoft, patch
620
2017-16-23
 

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved