As Windows ships a massive 89 security patches (14 critical, 74 important), Adobe ships critical patches for its software (although it doesn’t think they’ll be exploited!), and WordPress reveals a critical vulnerability that allows a bad actor to completely take over a WordPress site (who knew that WordPress sites were hacker magnets?), so a third French hospital reverts to pen and paper after a successful ransomware attack made digital patient records unavailable.
While cyber criminals live for zero-day attacks, all organisations can reduce their exposure by making vulnerability patching a high-priority activity – particularly when they have high numbers of WFH users and are, therefore, offering attackers alternative routes into their systems – but failing to protect against ransomware attacks is just silly!
Staff training, simulated attacks, backup and recovery drills – these are all basic elements of ensuring that an organisation can cope with a ransomware attack – and with the repercussions of any other sort of attack.