What You Should Know About the WannaCry Ransomware Attack

Posted by Kevin Davis - May 15, 2017 - Important Information

SQ_Blog_CyberAlert.jpgOn Friday, May 12, 2017 a massive ransomware attack was launched affecting computers worldwide. Ransomware attacks typically rely on unsuspecting end users clicking on a link or an attachment which launches a program that encrypts (locks) all of the files a user has access to, including those on a corporate server. The user is then told to pay a ransom in the form of BitCoin to receive a key to unlock the files.

This particular ransomware attack exploits a vulnerability in Microsoft Operating Systems. Microsoft released a patch for this vulnerability in March for their supported operating systems; however, many organizations neglect to apply patches or are still using older, unsupported, versions of Microsoft OS such as Windows XP.

For those organizations that are not covered under our SafetyNet Managed Services (Ultimate) program, here are some simple steps your business can take to protect against ransomware attacks:

  • Make sure you are using supported operating systems and applications
  • Make sure you apply the latest patches as soon as they become available
  • Make sure that all of your systems are protected by antivirus and anti-malware software, and ensure that the virus and malware signatures are updated automatically and consistently.
  • Employ a “next generation” firewall with integrated threat detection
  • Implement backup procedures that create more frequent “recovery points” to limit the amount of lost data if you need to recover your data from backups.
  • Educate your end users to look for the tell-tale signs of a suspicious email

The last step is the most important. As this is an active attack, variants of the original virus are already circulating to thwart countermeasures already in place. It is imperative that your end user community be ever vigilant in inspecting what they are receiving in email and proceeding with caution.

In the next few weeks SymQuest will begin offering a comprehensive end user security training and testing platform that will allow our customers to build up their last line of defense, the “human firewall”. Look forward to more information on that in the coming weeks.

For more information on the WannaCry Ransomware Attack visit https://www.dhs.gov/news/2017/05/12/dhs-statement-ongoing-ransomware-attacks.

To stay up to date on the latest news about network security and vulnerabilities subscribe to Tech Talk today.

about the author

Kevin Davis

Kevin Davis is currently the Vice President of Service and Support for SymQuest, and is based in the South Burlington, VT and West Lebanon, NH office locations. Davis is responsible for the network and client support teams at SymQuest. Davis started with SymQuest in April of 2007 as an Incident Response Engineer. His love for customer service and technology quickly led him through various engineering positions where his passion for process improvement and motivating team members advanced him to management positions with increasing responsibilities leading to his present role as Vice President of Service and Support. Kevin holds many industry IT certifications and was a member of True Profits Group.

Kevin Davis
LinkedIn

Comments