WannaCry: What can we learn from the watershed cybersecurity news event five years on?

Time flies, but the WannaCry ransomware outbreak began five years ago today. While it wasn’t the first cyber event to dominate the headlines, it served as a watershed moment for security awareness.

A combination of sloppy coding from the criminals and poor patch maintenance from everyone else meant that the ransomware spread like wildfire to hit computer systems in more than 150 countries. Most notoriously, WannaCry ran rampant through the NHS and crippled the organisation, resulting in more than 19,000 appointments being cancelled and a total cost of £92m.

As a result, the incident hit differently to previous cases like the TalkTalk breach two years earlier. Cyber security was no longer a distant IT thing damaging the shares of large organisations, but a very real and present issue affecting the daily lives of normal people.

WannaCry elevated cyber security to an issue worthy of dominating the mainstream broadcast and print media as well as the business and IT security press. That meant it presented a rare opportunity for security vendors to get out there on the national stage – and that’s where we came in as a cyber security PR specialist.

Unfortunately, the WannaCry outbreak didn’t start making the news until around 4pm UK time on a Friday afternoon. Hardly the ideal time to leap into action.

Still, leap we did. The Code Red team managed to secure some amazing opportunities for our clients, including multiple pieces in national broadsheet newspapers and broadcast news.

My own personal win was getting Ziv Mador of our client Trustwave an interview with Erich Auchard, then of Reuters. This led to some fantastic coverage with Reuters that was syndicated to multiple other high profile titles, as well as helping to create a relationship with the journalist that enabled follow ups on WannaCry and future security issues.

Big security breaches have almost become mundane in the last few years, but an incident like WannaCry that impacts our everyday lives will always have the potential to take over. When that happens, security vendors need to seize the opportunity to get out there on the main stage – and hopefully provide some useful insights and advice while they’re at it.

Here are a few tips that can make that happen.

1) Be flexible – You never know when the next WannaCry could strike. Having multiple spokespeople who are media trained and prepared for interviews will make it more likely that one of them will be able to make themselves available on short notice.

2) Know who to call – Times like this is when security media experience really comes into play. Not only do you need a definitive list of the highest profile journalists covering this beat, but ideally there should be a prior relationship there too.

3) Be persistent – Anyone covering this beat will have their phones ringing off the hooks. Keep trying until you get somewhere. Having an expansive list of contacts comes in handy again here, providing more options. A big enough story also warrants persisting outside normal office hours and into the weekend with different newsdesks.

4) Have something to say – Everyone else in the industry will be trying to do the same thing, so you need to make sure you actually have something worthwhile say when you do get through. Major cyber events are often vaguely defined at first, so spokespeople should be ready to provide some speculative insights without veering into scaremongering. Spokespeople should also have a clear idea in advance about the company’s policy when it comes to discussing things like nation state activity.

Are you ready for the next WannaCry type incident? Why not get in touch and see how we can help you.

Back to Knowledge Hub