WannaCry Ransomware Attack – What We Know and What You Need to Do

May 17 2017
6
0


On Friday May 12, a massive cyberattack was launched and has been spreading across the globe ever since. Hundreds of thousands of computers have been targeted, with major government and corporate operations affected. The cyberattack has come in the form of a malware (malicious software) known as WannaCry. In this post, we wanted to update you all about what we know about this malware and what you need to do in the wake of this cyberattack.

What is WannaCry?

WannaCry is a form of malware known as ransomware. Once this malicious software is activated on a computer, it encrypts the files on the machine so they become inaccessible. As the name implies, the owner of that machine is then required to pay a ransom in order to unlock the files (in this case, the ransom must be paid in BitCoin).

What Operating Systems Are Vulnerable?

All versions of Windows Desktop and Server operating systems are potentially impacted. However, if your patches and updates are current, your systems should be protected. If you need any assistance to verify this, please do not hesitate to contact us.

Has the Attack Been Contained?

No. At the time of writing, a “kill switch” was discovered over the weekend that stopped WannaCry from spreading. However, within hours of this happening, new versions of the malware were discovered that could not be stopped by this kill switch. Indeed, as of Monday morning, reports were emerging that Australian organisations had now been hit by WannaCry.

What Preventative Measures Can Be Taken Today?

In this instance, Windows updates are critical. If your system is up-to-date, there is little to no risk of infection. Secondly, please ensure that your antivirus software is also updated. Finally, it is important for us to reemphasise email security. If you receive an email from a strange or unknown source, please approach it with caution; particularly if it has an attachment included. If you see a suspicious email, please report it to your IT admin team immediately and delete the email from your inbox. As we have mentioned before, the end user is the last line of defence in any organisation’s cybersecurity program. Be sure to remain alert and cautious.

What Are the Long-Term Preventative Measures?

There are several steps your organisation should consider to ensure that you are protected from future attacks. Firstly, make sure you have a comprehensive cybersecurity plan in place. This should take into account several areas of importance including, backups, email security, disaster recovery and ensuring you have the latest updates and patches installed on your systems. Secondly, it is vital that all your team members are made aware of cybersecurity threats and are briefed about them as soon as possible. Finally, make sure that this cybersecurity program is reviewed and updated. The unfortunate reality is that cyberattacks are becoming more sophisticated and the consequences of these attacks are becoming more devastating. The unprecedented nature of WannaCry proves this trend, and reminds us all about how important cybersecurity is today.

We hope that this update provides you with the key information you need about these recent developments. As always, if there is anything that Comunet can do to assist you and your organisation, please call us straight away. Our team are ready to assist you.