The wave of attacks by 'WannaCry' has been stopped in the meantime. However, experts assume that similar attacks will follow and see a need for action. "The large-scale ransomware attack at the beginning of May is a clear sign of the escalating challenges facing cyber security," says industry analyst Vijay Michalik from Frost & Sullivan. The current attack was stopped abruptly with the help of an emergency stop button that the operator of the blog 'MalwareTech' had come across. "However, it is extremely likely that a new attack will come without this emergency brake built in by the attackers," warns the analyst.

The attack was made possible by a Windows vulnerability for which a security update has been available for some time. "The incidents show dramatically what the consequences can be if updates are not installed on time. The exploited vulnerability was already closed by Microsoft in March," says Tim Berghoff, G Data Security Evangelist. Government organizations, companies and private users should think very quickly about how they can close the respective security gaps. "IT managers in companies should consider the use of patch management in order to be able to roll out updates for all computers in the network quickly," says the expert. The German Federal Office for Information Security (BSI) also sees a need for action. The current attacks are another wake-up call for companies to finally take IT security seriously and take sustainable protective measures. "The current vulnerability has been known for months and corresponding security updates are available. We strongly recommend that you install them," said BSI President Arne Schönbohm.

SMEs and small businesses at a disadvantage

While an IT department steps in for such emergencies in industry and large companies, SMEs and small businesses often have their backs to the wall in the event of a ransomware attack. "If access to data is not possible, no quotation can be written, no order can be processed. Ultimately, depending on the calculation, a company is on the brink of economic disaster after just a few days," says Andreas Schlechter, Managing Director of Telonic, a system house specializing in network and security.

According to Schlechter, targets such as industrial plants, whose internal computer systems often still run on legacy systems such as Windows XP, are particularly at risk - which is intentional on the part of the manufacturer: "Plant and machine manufacturers are lagging behind here, opening the door wide for existential threats," says the Telonic managing director. He recommends solutions that not only protect against viruses, Trojans or ransomware, but also allow proactive monitoring of networks for suspicious activities such as server calls or the forwarding of malware to other computers.

Companies have a duty

Eset security specialist Thomas Uhlemann is convinced that companies need to act now to ward off attacks such as 'WannaCry' in a more targeted manner. "Companies now have a duty to review, adapt and enforce their security guidelines and concepts more consistently." In addition, the government must increase the budgets for Computer Emergency Response Teams (CERTs) at federal and state level and increase the corresponding departments of the criminal investigation departments so that they can be adequately equipped with resources, expertise and personnel. "Only then will it be possible to get to the people behind such attacks and bring them to justice," Uhlemann is convinced.

The analysts at Frost & Sullivan believe that we are approaching a turning point in cyber security in both the public and private sectors. Their advice: companies should invest heavily in order to counter the growing threat of cybercrime. This applies to technology as well as the necessary cyber security personnel and staff training to identify and prevent threats.