By now, you’ve heard all about the WannaCry ransomware attacks that began on May 12th. The details are all over the news, and the security patches are readily available from Microsoft for Windows XP, Windows 8, and Windows Server 2003.
The questions we’re getting now are more about what could have been done before the attacks to prevent being victimized.
The simplest answer is to keep your OS updated. Out of date operating systems are always going to be more vulnerable to malicious attacks for several reasons. First, as technology evolves, we innovate more sophisticated technology to protect our new systems. Second, hackers quite simply have more time to create malware for older operating systems. Current technology is increasingly impenetrable, and hasn’t been in use for long enough to be targeted. These are some of the key reasons that Windows 10 enterprise customers weren’t targeted with the WannaCrypt ransomware.
Microsoft has been marketing Windows 10 as the most secure OS available – and the recent attacks have been proof positive that they’re walking the walk. At AMTRA, we live and breathe Windows 10 every day, and can evangelize the built-in security benefits that we know to be a huge benefit. Nothing is as effective as clear and widespread evidence though, and the WannaCry attacks on 230,000+ non-Windows 10 systems is hard to deny.
Why was Windows 10 not targeted? If you’re not familiar with the ins and outs of Windows 10 security, the biggest feature is the built-in antivirus feature, Windows Defender. Microsoft has eliminated the need for a third-party antivirus software with a very robust version of their own. Windows Defender successfully prevented Windows 10 customers from being targets of the recent ransomware attacks.
What happens if Windows 10 does become vulnerable in the future? In contrast to all other Windows versions, Windows 10 in intrinsically less likely to become vulnerable because there will be no more monolithic upgrades. Your enterprise OS will no longer become out of date, running on an old platform, because upgrades will happen 2-3 times a year, and are deployed without large-scale system disruptions. In contrast, the old model required mass upgrades every few years. It was a big process, a big investment, and highly disruptive. As a result, there was a significant disincentive to upgrade, and businesses continued to operate on old and increasingly vulnerable software to avoid the hassle. Windows 10 eliminates this disincentive by moving to smaller, more frequent upgrades. This model keeps your enterprise always up-to-date, and therefore always secure.
Another feature Microsoft is offering as a proactive step to any potential future attacks on Windows 10 is Windows Defender Advanced Threat Protection. While the built-in Windows Defender is to guard against attacks before they happen, Advanced Threat Protection is an offensive measure to deal with repercussions post-breach.
To sum it all up – keep your enterprise OS current. It’s the best way to safeguard against malicious attacks and ensure that the next version of the WannaCrypt attacks doesn’t cost your business.