If the past week has taught us anything, it’s the importance of getting and then keeping your systems patched. In light of the Windows Defender announcement and now the Eternal Blue exploit and associated Wanna Cry ransomware attack, it’s clear that patching as quickly as possible is one of the most effective ways to reduce threat vulnerabilities and improve security.
The Wanna Cry ransomware attack has attacked more than 80,000 users worldwide in less than a day, and the number will continue to climb. According to Kevin Beaumont, a UK security architect, “It is going to spread far and wide within the internal systems of organizations — this is turning into the biggest cybersecurity incident I’ve ever seen.” In part because the ransomware has what Beaumont calls a hunter module that scans for other devices on the same wireless networks, from offices to coffee shops, infecting new devices and spreading out.
The ransomware attack is linked to the Microsoft vulnerabilities that leaked in April and exploit a number of Windows servers and Windows operating systems. That leak stated the vulnerabilities were espionage tools allegedly used by the NSA. Per Matthew Hickey, founder of Hacker House, “This is quite possibly the most damaging thing I’ve seen in the last several years.”This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers.”
While this may mean that fewer individual users are targeted, it’s certainly bad news for companies. Per Hickey, “…these kinds of tools are targeted at enterprise and business environments.” The good news is that a patch that could prevent the ransomware was released back in March. Unfortunately, based on the increasing number of attacks, it’s become clear that there are a lot of companies that did not install the patch.
The patching process has historically been a manual function that requires pulling IT staff off other priority projects. For many IT departments, the time and resource cost is high to get and stay patched. Thus, they tend to put it off and hope nothing happens, or they think their other security measures will keep them safe.
Some solutions provide visibility and scanning functionality, but the remediation of the vulnerabilities those solutions discover is still a manual process. They generate bad news, but do nothing to help companies fix what they find.
Enter Automox and automated cloud patch management. Automox created the first cloud based, closed loop patching process that automates not only the discovery and monitoring of vulnerabilities, but also the continuous remediation of those vulnerabilities.
With Automox’s automated patching capabilities, IT departments can transition from a “security panic” response when incidents like we’ve seen this week arise, to a routine operational response based on daily remediation happening quietly and consistently in the background.
We’ve cut the time and effort to apply patches by more than 90%. For example, a customer running on our platform would have received the March security bulletin from Microsoft and had the patches applied automatically on the same day without having to do anything. Full automation on the Automox platform results in zero touch patching for IT managers.
Automox also allows for control over when and how to apply patches, and can integrate into existing workflows. Either way, from identification through remediation, Automox helps companies get and stay secure by reducing their threat footprint.
To learn more about Automox and closed loop patching, check us out at automoxprod.wpengine.com. And if you have any specific questions or want some additional insight into why we do what we do, drop us a line at firstname.lastname@example.org, we’re here to help.
To a safer, more secure world through automated patching.