Dubai Municipality’s chief information security officer Ahmad Al Emadi has highlighted the importance of patching systems wherever possible following the effects of the Petya ransomware that has severely affected a number of critical infrastructure organisations in Ukraine, as well as companies across Europe and the US.
Al Emadi believes it is critical that organisations make basic patches to ensure they are covered against such potentially toxic threats. “Even though patching is just one mechanism of defence, it remains an extremely important piece to combat scenarios like Petya,” he said. “It’s crucial that systems and applications running on unsupported operating systems are upgraded and patched dynamically.
“Petya has affected so many organisations even after people have seen that Microsoft’s ignored patches led to WannaCry.”
He went on to add that the only way to ensure sufficient protection going forward is to avoid cutting corners in terms of patching.
“What makes Petya so worrying is that even patched machines are at risk if the attack gets inside through unpatched or compromised devices. Once inside, the malware steals administrative credentials and along with other vulnerabilities starts moving latterly to compromise other devices.”
“The bottom line is this: patching is very, very, very important.”