/network-security-pt-2-patching-vulnerabilities.jpg)
Did you miss part 1? Click HERE to watch it first.
––––––––––––––––––––––––––––––––––––
Transcript:
In any environment using software, you're guaranteed to have vulnerabilities. Even the best of software engineers don't write perfect code, and as a result, people figure out a way to exploit them. And they do that by figuring out how to take control of the system, how steal its data, and make it system inoperable.
I think the best example that really shows the vulnerability of software is the 2017 Wannacry virus. In March of 2017, Microsoft released a security update to its Windows operating system. It was sent to every Windows user in order to patch some important vulnerabilities in users' systems.
Unfortunately, by about April 2017, a group had found an exploit to that vulnerability. Within a few weeks, that virus had spread to hundreds of thousands of computers, all across the globe, spanning more than 116 countries. The virus itself was designed to propagate from system to system, spreading like a wildfire.
The effectiveness of this virus came from the fact that it did not require user intervention to operate once it got inside a computer.
It was a nasty virus that encrypted hard drives and even forced companies to restore from backup. If they didn't have an unaffected backup system, they would have to pay a ransom to try to get a decryption key so they could return to full operation.
One of the things that everyone must do is update their software as soon as update notifications come in. The longer you delay, the higher chance you have of being the next virus victim.
No matter if it's a Microsoft operating system or an Adobe product or whatever, you will see regular updates come through, which will patch those vulnerabilities and mitigate against potential problems.
By far the number one thing that you've got to take care of is patching your systems and doing it regularly. The interesting thing about software vulnerabilities is it's applicable to everybody, no matter how big or how small your company is.
If you're running a personal computer, or your network has a small group of five people, it's got to be updated. No environment it's too small to think you can pass under the radar. These viruses don't care. And the impact of these viruses to any organization could be catastrophic.
In the case of the Wannacry virus, which is a ransomware virus, your data is made inaccessible and held for ransom money. Depending on how valuable the data is, it could bring a company to its knees, especially if it can't operate.
Of course, other viruses have different goals. There are certainly people out there that want your data or personal information. and they'll do whatever they can to compromise your systems. All they want is to find out what kind of data you have flowing through your system and find out how to use it to their advantage.
The other purpose that I think you 'll hear more and more about is compromised systems mining Bitcoin or other cryptocurrencies. With the right virus, they can use your computer's processing power to perform functions anonymously.
The number one takeaway from today is that you patch your systems. Sometimes it can be a bit of a burden to have to reboot your systems and whatnot. But it is worth it because these bad actors on the Internet will be more likely to pass by your organization if you've kept your software up to date. And the fact is, it would be so much more inconvenient to recover from a ransomware attack or other data loss than it ever would be to press the update button.
––––––––––––––––––––––––––––––––––––
Did you miss part 1? Click below to watch it now
/network-security-pt-1-human-element_fb.jpg?width=1200&name=network-security-pt-1-human-element_fb.jpg)
