Chapter 1. The threat landscape

On May 12, 2017, the mainstream media began covering a massive ransomware attack called WannaCry, which caught the world by surprise. It was reported that in a single day, 230,000 computers in more than 150 countries were infected. The attack was carried out by exploiting computers on which the MS17-010 patch—released in March 2017 to fix a Microsoft SMB vulnerability—had not been applied. In addition to affecting home users, this attack hit organizations such as the United Kingdom’s National Health Service (NHS). Computers that were patched were not affected. (This, of course, highlights the need to have a solid update-management process in place!)

Ransomware like WannaCry—or like Petya, which allows for lateral ...

Get Microsoft Azure Security Center, 2nd Edition now with O’Reilly online learning.