The National Audit Office (NAO) concluded, “All organisations infected by WannaCry shared the same vulnerability and could have taken relatively simple action to protect themselves.”
The NAO’s investigation into the mid-2017 ransomware outbreak clarified, “All NHS organisations infected by WannaCry had unpatched or unsupported Windows operating systems so were susceptible to the ransomware.”
Relying on manual processes, or on users themselves, to protect a system is inefficient and leaves it susceptible to exploits. Targeting a known vulnerability is an exceptionally easy approach for an attacker to take; it relies on a lax approach to protection within the organisation.
What is Patching (the dummies guide)?
The technical term ‘Patching’ is as literal as it sounds: applying a patch to fix a problem, just as you would a tear in a pair of jeans.
A software patch is a code update designed to resolve security vulnerabilities, fix functionality problems and add new features. These fixes are usually fairly small and are released at interim stages throughout a product’s lifecycle.
Software inevitably runs into issues known as bugs. A patch is then developed and made available by the software producer in download form. The patch quickly solves the problem but isn’t necessarily a long-term solution. The likelihood is that the software producer will work on a refined solution which is built in as standard to the next full iteration of their software.
How Patch Management Works
Applying patches ad hoc is obviously not a controlled or methodical approach. Patch management has been developed as an area within systems management to take ownership of patching in a professional setting. Due to the developer’s haste to issue a fix, patches can sometimes cause more problems than they solve, so having a process in place is essential.
Patch management should be employed to:
- Stay abreast of existing patches
- Choose which patches are appropriate for the specific system configuration
- Run trial installations on non-critical systems before rolling out globally
- Ensure correct installation of patches
- Test the system after installation
- Document the procedures undertaken and any configuration required
Backup is another hugely important part of patching. Having a recoverable copy of your system can save countless hours of unpicking a faulty patch. Alongside trialling patches on non-essential systems, taking a backup of the environment before implementing is always good practice.
The Implications of Not Patching
Systems and infrastructure usually aren’t perfect upon their release. Patching is always available as a fallback and is a preventative measure. If fixes aren’t applied as they’re discovered, vulnerabilities can seriously compromise the security of a network and all the data on it.
The 2017 WannaCry ransomware outbreak that hit the NHS so badly could have been prevented at many organisations simply by patching the Windows 7 operating system. The patch had been available for 2 months before the attack was launched.
An exposed vulnerability can open a window for a potential ‘Zero Day Attack’ – an exploit occurring while a patch is in the process of being developed. A strong patch management system constantly monitors your network so immediate action can be taken to prevent any threat to your business.
There are several products on the market to assist with automated patch management. Talk to M-Tech about our recommended partners and how to formulate a successful patch management process.