A dangerous ransomware attack is occurring today which is having a significant impact on computers globally. The attack has compromised the hospital system in England and severely impacted the Spanish telecommunications company, Telefonica. All told, more than 74 countries have been impacted.
- The malware is sent through phishing attacks in which recipients of emails are tricked into opening phony links. Once one computer in a system is infected, the malware spreads to other machines on the same network.
- Users whose computers are infected with the WannaCry ransomware malware can no longer use their files as the malware encrypts files on desktops and across corporate networks.
- WannaCry is based on malware developed by the NSA that was among the massive trove of information that was stolen and leaked on the Internet.
- WannaCry exploits a known vulnerability in Microsoft Windows operating systems.
- Microsoft released a critical patch in March 2017 to help counteract this vulnerability. Additional information and the security update are available here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
For IT Departments
- IT Departments are advised to immediately patch corporate computers
- IT Departments are advised to thoroughly test back-ups to ensure availability in the event of infection.
For Computer Users
- Computer users are advised to protect home computers. Users can update their computers directly from the Control Panel.
- Users are strongly encouraged to always keep their personal computers timely updated with updates for both operating systems (Windows, Apple iOS, etc.) and applications (MS Office, Adobe Acrobat, etc.).
- Users should also make sure they have up-to-date backups. Backups should be stored ‘out-of-band,’ meaning that they are on a different network from regular files. And don’t use ‘auto-sync’ or you can end up replacing your good backups with encrypted ones.
- As repeatedly stressed in Citadel Awareness Training Programs, users should exercise caution when receiving emails that contain links or attachments. Don’t click on links or open attachments in unexpected emails. As Ben Franklin said: Distrust and caution are the parents of security.
Below are links to websites with additional information about this current malware attack.
An NSA-derived ransomware worm is shutting down computers worldwide: https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/
Malware, described in leaked NSA documents, cripples computers worldwide: https://www.washingtonpost.com/world/hospitals-across-england-report-it-failure-amid-suspected-major-cyber-attack/2017/05/12/84e3dc5e-3723-11e7-b373-418f6849a004_story.html
Let’s be careful out there –
Distrust and caution are the parents of security … Benjamin Franklin