If the past week has taught us anything, it’s the importance of getting and then keeping your systems patched. In light of the Windows Defender announcement and now the Eternal Blue exploit and associated Wanna Cry ransomware attack, it’s clear that patching as quickly as possible is one of the most effective ways to reduce threat vulnerabilities and improve security.
The Wanna Cry ransomware attack has attacked more than 80,000 users worldwide in less than a day, and the number will continue to climb. According to Kevin Beaumont, a UK security architect, "It is going to spread far and wide within the internal systems of organizations -- this is turning into the biggest cybersecurity incident I've ever seen." In part because the ransomware has what Beaumont calls a hunter module that scans for other devices on the same wireless networks, from offices to coffee shops, infecting new devices and spreading out.
The ransomware attack is linked to the Microsoft vulnerabilities that leaked in April and exploit a number of Windows servers and Windows operating systems. That leak stated the vulnerabilities were espionage tools allegedly used by the NSA. Per Matthew Hickey, founder of Hacker House, “This is quite possibly the most damaging thing I've seen in the last several years."This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers."
While this may mean that fewer individual users are targeted, it’s certainly bad news for companies. Per Hickey, “...these kinds of tools are targeted at enterprise and business environments." The good news is that a patch that could prevent the ransomware was released back in March. Unfortunately, based on the increasing number of attacks, it’s become clear that there are a lot of companies that did not install the patch.
The patching process has historically been a manual function that requires pulling IT staff off other priority projects. For many IT departments, the time and resource cost is high to get and stay patched. Thus, they tend to put it off and hope nothing happens, or they think their other security measures will keep them safe.
Some solutions provide visibility and scanning functionality, but the remediation of the vulnerabilities those solutions discover is still a manual process. They generate bad news, but do nothing to help companies fix what they find.
Enter Automox and automated cloud patch management. Automox created the first cloud based, closed loop patching process that automates not only the discovery and monitoring of vulnerabilities, but also the continuous remediation of those vulnerabilities.
With Automox’s automated patching capabilities, IT departments can transition from a “security panic” response when incidents like we’ve seen this week arise, to a routine operational response based on daily remediation happening quietly and consistently in the background.
We’ve cut the time and effort to apply patches by more than 90%. For example, a customer running on our platform would have received the March security bulletin from Microsoft and had the patches applied automatically on the same day without having to do anything. Full automation on the Automox platform results in zero touch patching for IT managers.
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.