WannaCry Fallout: Prepare Now to Respond to the Next Attack

WannaCry Ransomware
Armor's Dan Mannion

Dan Mannion

By Dan Mannion

Anyone who hadn’t heard of ransomware prior to May 12 is certainly aware of it now. WannaCry, a variant that burst onto the global scene targeting computers running Microsoft Windows, reportedly netted less than $80,000 in Bitcoin even though the attack was massive, impacting more than 230,000 computers in 124 countries.

For those of us in the technology industry, incidents such as this make the problems we see every day very real for the mass populous. And they’re looking to us for answers.

It’s important, however, to understand the best way to approach potential customers and prospects without positioning yourself as an alarmist looking to make a buck. To wit: A simple Google search for “WannaCry ransomware” brings up 2.1 million pages of content.  In just three weeks, Google found more than 2 million references to WannaCry on news and commercial sites. In fact, the entire first page of Google results consists of paid ads from security companies.

To cut through that noise, educate your team, have a plan (more on that below) and start talking to customers now to grasp exactly where they stand in terms of existing IT infrastructure and security posture. Most importantly, figure out how to be a benefit and not a salesperson.

On a technical level, WannaCry is a great object lesson for basic security hygiene. It was a rather unsophisticated attack. And, everyone on the planet should have been protected from the malware, because Microsoft released a patch for that specific vulnerability in March 2017. Customers whose IT teams or MSPs were equipped with the time, mandate and resources to deploy relevant patches as they are released were unscathed. I was frankly surprised at the global scale and speed at which WannaCry could proliferate and just how many IT teams are behind on server patching. Given that, partners and their security suppliers must be ready for the next wave.

Fortunately, our marketing and security operations teams had plans in place for these scenarios, and by the end of the first day of WannaCry, they executed a terrific strategy to help us rise above the noise to be a true resource for customers.

Below is the game plan we executed. Hopefully it can help you be ready for the next security emergency.

  1. Communicate with customers: We protect companies’ most precious assets. On the Friday that the story broke, we sent an email explaining to customers exactly what WannaCry is, what we’re doing to protect them, and how they can keep other IT assets not under our watch safe. You can find details on our blog.
  2. Communicate with potential customers, suppliers and partners: The next step is to communicate to the wider market. We conducted a webinar featuring our chief security officer detailing how we protected customers from this attack, and what everyone else can do on their own. We also recorded it, for any potential customer to review at any time.
  3. Adjust your messaging: By the following Monday, our website banner – the first thing you read when you land on our website – stated “Don’t cry about ransomware. Trust Armor.” The point is to clearly demonstrate your ongoing preparedness and willingness to help.
  4. Educate your teams: Since the first report, our CSO has sent out weekly emails to our internal team to provide updates on the progress of WannaCry, how we’re responding and any new developments.

Whether you’re talking with the market, analysts, customers or prospects, you need to be committed to giving your best effort to deliver the clearest, most relevant content on a very intimidating topic.

The bad news is this will most likely happen again — and it could be even bigger. Please take time to build a plan with your teams on how to communicate what you’re seeing, what you’re doing and what they can do to stay safe.

And feedback is a gift, so we appreciate your comments on this blog, or any other information we share. We should all strive to learn from WannaCry to pursue constant improvement.

Dan Mannion is vice president, partners & alliances at Armor, the First Totally Secure Cloud Company that keeps sensitive, regulated data safe and compliant in the cloud. For more information, visit

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 54733