Since its discovery last week, the WannaCry ransomware attack has continued to spread, hitting over 10,000 organisations and 200,000 individuals in over 150 countries.

Although steps have been taken to slow the spread of this malware, new variations are surfacing.

Jonathan Care, research director at Gartner, outlines steps cybersecurity professionals must take immediately.

First and foremost, apply Microsoft's MS17-010 patch. If you don't have it, and you have TCP port 445 open, your system will be hit by ransomware, he states.
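As an added example (not from the article, Gartner, or Microsoft), the following read-only PowerShell audit checks the conditions Care names on a single Windows host: whether an MS17-010 update is installed, whether SMBv1 is enabled, and whether anything is listening on TCP 445 without an inbound block rule. It assumes an elevated session on Windows 8/Server 2012 or later (for Get-SmbServerConfiguration and the NetSecurity cmdlets), and the KB list is an assumption taken from Microsoft's MS17-010 bulletin; later cumulative updates supersede those KBs, so a miss is a prompt to verify, not proof the host is unpatched.

```powershell
# Added example, not the article's own: audit the MS17-010 exposure conditions
# (patch missing, SMBv1 on, TCP 445 reachable) on the local host. Read-only.
# KB list assumed from Microsoft's MS17-010 bulletin; superseded by later
# cumulative updates, so treat "NONE" as "go and verify", not "unpatched".
$Ms17010Kbs = @(
    'KB4012598',                            # Windows XP / Server 2003 / Vista / 2008
    'KB4012212', 'KB4012215',               # Windows 7 / Server 2008 R2
    'KB4012214', 'KB4012217',               # Server 2012
    'KB4012213', 'KB4012216',               # Windows 8.1 / Server 2012 R2
    'KB4012606', 'KB4013198', 'KB4013429'   # Windows 10 1507 / 1511 / 1607
)

# 1. Patch presence: compare installed hotfix IDs against the MS17-010 list.
$installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
$patchHit  = $Ms17010Kbs | Where-Object { $installed -contains $_ }

# 2. SMBv1 server setting, the protocol the WannaCry worm component abuses.
$smb1 = (Get-SmbServerConfiguration).EnableSMB1Protocol

# 3. Is anything listening on TCP 445? (LocalAddress 0.0.0.0 = every interface.)
$listen445 = Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue

# 4. Enabled inbound firewall rules that block TCP 445 regardless of the listener.
$block445 = Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -eq 445 } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Block' -and $_.Enabled -eq 'True' }

# Summary object: feed this into whatever inventory or SIEM you already use.
[PSCustomObject]@{
    Host              = $env:COMPUTERNAME
    MS17010_KBFound   = if ($patchHit) { $patchHit -join ',' } else { 'NONE (verify cumulative updates)' }
    SMB1Enabled       = $smb1
    Port445Listening  = [bool]$listen445
    Inbound445Blocked = [bool]$block445
}

# Remediation the article calls for, left commented so the audit stays read-only:
# Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
# New-NetFirewallRule -DisplayName 'Block inbound SMB 445' -Direction Inbound `
#     -Protocol TCP -LocalPort 445 -Action Block
```

A host reporting SMB1Enabled = True, Port445Listening = True and Inbound445Blocked = False with no KB found matches exactly the condition Care describes, and should be patched or isolated first.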

Then take the following steps to guard your organisation against future attacks of this nature:

Stop blaming

While it’s tempting to point the finger at others, one of the key stages of incident response involves focusing on root causes. Microsoft Windows XP, an OS that has been hit hard by WannaCry, can be embedded into key systems as part of control packages. This means that vulnerable firmware may be neither accessible nor under your control. Where you have embedded systems — such as point-of-sale terminals, medical imaging equipment, telecom systems, and even industrial output systems such as smart card personalization and document production equipment — ensure your vendor can provide an upgrade path as a priority.

But if ransomware infection occurs, do not pay the ransom, advises James Scott, senior fellow, Institute for Critical Infrastructure Technology.

There are limited chances of the attacker actually unlocking the system, he says in a blog post.

Some ransomware, including WannaCry, does not even contain a decryption mechanism or any technical procedure to identify which victim has paid the ransom, he adds.

Paying ransoms also encourages attackers to broaden their campaigns, and it inspires new threat actors to launch additional attacks because the campaigns are seen as profitable.

“Paying ransoms funds the development of nascent malware and ransomware, it increases the likelihood that others will be victimised by ransomware by encouraging new campaigns, and it may even fund terrorism, cybercriminal attacks, or adversarial nation-state efforts.”