A cyber attack that spread ransomware across the globe managed to disable computer networks and strike panic in private businesses and government agencies. But by one measure, the WannaCry attack was a dud.
The perpetrators of the virus — some are pointing fingers at hackers in North Korea — demanded that their victims pay ransom in bitcoin, a form of digital currency. So far the attackers have succeeded in collecting less than $100,000, despite demanding money from thousands of computer users located in more than 150 countries, experts say.
WannaCry and its variants began showing up in early May. Although the criminals largely failed to cash in on their worldwide scheme, experts in cyber security are warning their customers to be diligent and well prepared, because new attacks are likely to follow.
Jeff Honcoop, managing partner of Honcoop Technology Services, says that most business owners understand the importance of protecting their computer network and digital information, yet some are reluctant to spend the money for it, given competing needs within the company.
Honcoop said cyber security is one part of a strategic planning process that his company does for customers. Not surprisingly, there is no one-size-fits-all-strategy for businesses trying to ward off threats from hackers. Different companies have different needs when it comes to security, he said.
Pine Cove Consulting, a Billings technology consulting company, got its start by developing computer systems for schools and small businesses, but more attention is being paid to cyber security.
“Cyber security has been a growing focus of our company. We see the need growing, and we’ve devoted a huge part of our company to it,” said Brandon Vancleeve, vice president of Pine Cove Consulting.
Honcoop graduated from the University of Washington with a degree in aerospace engineering, and he’s heard his share of jokes about how working in a technology field isn’t exactly rocket science. After working in a large data center for a few years, he returned to college and earned a master’s of business administration in accounting and information systems.
A job with Eide Bailly Technology Consulting brought him to Billings in 2006. But in 2008 he saw an opportunity and decided to start his own business. The company has grown steadily, and its 10 full-time employees now serve clients in Montana, Wyoming, North Dakota, South Dakota, Alaska, Washington, California, Colorado, Arizona and Texas.
You have free articles remaining.
“When we do strategic planning for our customers, we give them a framework around why to invest in technology, how they should invest in it, and the value of things like security,” Honcoop said.
Forbes Magazine reports that there’s a huge demand for technology workers with experience in cyber security, with more than 1 million job openings worldwide.
Honcoop and Chris Pugrud, a senior engineer for the company, both have earned a Certified Information Systems Security Professional certification from the International Information Systems Security Certification Consortium, also known as (ISC)².
Some industry observers contend that the WannaCry attack would have been contained earlier if all computer users had properly updated their computers with antivirus software and updates, sometimes called patches, that are made available periodically.
Organizations that were hit particularly hard were likely running Windows XP or Windows 7 software, according to a recent report in Wired Magazine.
While it’s important to have robust firewalls and antivirus software, that’s only part of the process, Honcoop said.
Some customers don’t realize that simply allowing physical access to a computer can be a threat. An unattended computer can be infected with malware when a thumb drive is slipped into the machine, Honcoop said.
Cyber security experts often resort to sophisticated techniques to test for the presence of malware.
In a technique known as sandboxing, technicians can examine a suspicious program within a restricted environment, known as a sandbox, without the risk of harming a computer or network, Honcoop said.