ISACA Now Blog

Knowledge & Insights > ISACA Now > Posts > Petya Attacks Underscore Need for Proactive Threat Modeling

Petya Attacks Underscore Need for Proactive Threat Modeling

Sunder Krishnan, CISA, past president of ISACA Mumbai Chapter
| Posted at 4:51 PM by ISACA News | Category: Security | Permalink | Email this Post | Comments (1)

Sunder KrishnanIf the recent WannaCry ransomware attack did not make a clinching case to corporate entities across the world, with entities scampering to patch various computers quite reactively, the attack was followed by the Petya ransomware attack across Europe and spreading all over the world.

The targets are sensational with airlines, hospitals, police stations and major financial services players.

The attacks are well-planned and targeted. Suddenly, the world has become one small village with quick sharing of the patches globally, whether the patch was identified by a research analyst in the US or a cyber lab scientist in Russia.

As predicted in early 2017, the attacks are growing in geometric proportions, both in terms of dollars spent and tenacity of the attack. The world has not yet solved the problem of patching dated computers when now the entities are scampering to isolate the SMBs (target of Petya attack).

The main objective of the attacks is to create havoc, spread panic and hold entities ransom. Payments have been extracted even from government entities, law enforcement and other organizations that one would expect to take a tough stand.

The root causes could be many, from vulnerabilities not addressed swiftly enough to the need for clinical incident management, to finally the proactive threat modeling and surgical strike from the perpetrators. Predict more attacks until the world gets together on more proactive threat modeling and global execution.

Comments

Threat Modelling

I had hoped when selecting this post that it would provide a more informative take on threat modelling, such as which threats, as a minimum, should be included which SME’s should be engaged in order to get a more rounded view of threats, the organisation risk posture, etc. Threat modelling is only as good as the threats you input together with your understanding of who are the possible threat actors.
Mark450 at 6/28/2017 9:22 AM
You must be logged in and a member to post a comment to this blog.
Email