[vc_single_image source=”featured_image” img_size=”large”]
Worldwide Malware Attack: Exploring WannaCry
WannaCry is the worst malware attack of 2017. As computer virus outbreaks go, this ransomware attack is being called one of the biggest cyberattacks in history and continues to spread worldwide. In this post, we’ll explore WannaCry, its latest developments, and how to protect your organization.
WannaCry is an extremely dangerous trojan virus that infects Windows computers and promptly encrypts nearly all data. To decrypt the files and regain access, WannaCry demands that $300 in bitcoins be paid to an anonymous account. After three days, the $300 ransom increases to $600. After seven days without payment, the computer’s contents are deleted.
Why is this virus spreading?
The virus typically enters your organization through email when a user opens an infected attachment or link the malware will install. The malware then attempts to replicate itself via your computer networks and the Internet. Your entire IT infrastructure may be at risk.
Can I recover the encrypted files or should I pay the ransom?
It is currently impossible to decrypt the encrypted files. If you have backup copies of affected files, you may be able to restore them. Even if you pay the ransom there is no guarantee your files will be decrypted. We recommend that you do not pay the ransom.
Who is at risk?
WannaCry ransomware is targeting all versions of Windows, it is leveraging a hack discovered by the NSA. Microsoft patched this vulnerability in March, 2017.
What should I do?
Your first line of defense is always common sense. This applies to WannaCry and any other malware floating around out there. If you receive an email with an attachment from someone you don’t know, never open or download that attachment.
If you receive an attachment from someone you do know, but it looks odd or suspicious, never open or download it.
It is vital that every Windows device attached to your computer network have Microsoft Patch MS17-010 applied. Ensure that your IT department has strong patch management processes in place that regularly patch all devices. This patch was released over 60 days ago, so there is no reason your IT department should not have deployed this.
Microsoft took the very unusual step this weekend to release MS17-010 for its old unsupported operating systems, including:
Windows Server 2003
This old operating systems must also be patched – many of the organizations you might have seen in the press still use these old systems. Take caution with visitors to your organization connecting to your computer networks as they might infect your company.
How can I protect myself in the future?
Regardless of your operating system, you should install all available security updates. Implement a tool like Syxsense to automate the detection of all devices and patching processes.
Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.