Worldwide ransomware attack infects users in over 100 countries
Immediate action required by all Windows users.
#Ransomware featured in the top news this weekend when the exploit-encryptor-worm WannaCrypt (nicknamed #WannaCry) spread across the world by piggy-backing off the Windows exploit #EternalBlue. Researchers in our security network reported that around 100,000 users saw their computers encrypted in a matter of minutes over the last 72 hours (see image on right). The patch for #EternalBlue was released by Microsoft in March this year (security update MS17-010 on 14 March 2017). On Friday, Microsoft released a notice saying that they are working on releasing a patch for out-of-support platforms as well, such as Windows XP, Windows 8, and Windows Server 2003.
What To Do
Preventative Actions
- Patch all Windows-based computers in the network against the #EternalBlue exploit: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
- Update your security software’s signature files to its latest release
- Advise staff members to not click on suspicious links or attachments in emails. Even if computers are patched, you can still become infected if you accidentally click on infected files or links.
If your computers are infected
If you think you have been infected by #WannaCry, contact our support line immediately.
Key Learnings
Proactive #cybersecurity best practices
- CRITICAL: Effective patch management
- Security software update (up-to-date signature definition files)
- Effective disaster recovery and business continuity systems
- Security awareness training
Contact us for a Managed Services solution regarding any of the above action items.