Install security software updates and back up your files

Patch Management

The most critical and obvious benefit of patch management is heightened network security. 

Following IT security best practices means keeping your security software, web browsers, and operating systems updated with the latest protections. Antivirus and anti-malware protections are frequently revised to target and respond to new cyberthreats.

The widespread WannaCry cyberattack of 2017 clearly shows the purpose of security patching. This cyberattack began when the United States National Security Administration (NSA) discovered a vulnerability in Windows, specifically regarding the server message block protocol, which is instrumental in network communications.

Wannacry.png
 

Instead of immediately reporting the vulnerability to Microsoft so the company could fix it, however, the NSA used its knowledge of the weakness to create a tool that exploited it. Cybercriminals subsequently stole this tool from the NSA and used it to attack systems worldwide, including some belonging to Britain’s National Health Service.

Once the WannaCry ransomware worm infected a computer, it would encrypt files on the hard drive so the user could no longer access them. Then, the worm would hold those files ransom, demanding a bitcoin payment from the user.

What does the story of the WannaCry worm teach us about security patches? The sad truth is that all users needed to do to avoid this cyberattack was to stay up to date with their security patches. After realizing the hackers had stolen the tool, the NSA warned Microsoft about the vulnerability, and Microsoft’s engineers put together a fix for the problem. Two months before the WannaCry attack even started, Microsoft released a patch that fixed the problem.