On Friday, a massive cyber-attack struck thousands of computers across the globe, with over 75,000 cases discovered in almost 100 countries. This malware outbreak has been identified as a type of ransomware known as WannaCry, and variants of that name, and is being spread by a worm component. Once infected, victims are asked to pay approximately $300 by Bitcoin. This type of outbreak can paralyze growing organizations. Immediate action from your Managed Services Provider (MSP) or IT Security team MUST be taken.
How Does WannaCry Work?
Delivery vehicles can vary, but once infected, WannaCry encrypts a computer’s files and demands money to decrypt.
What is the Status of WannaCry?
Although the widespread infection has slowed considerably due to the discovery of a “kill switch” and proper patching practices, it has not yet been contained. We expect the number of reported infections to continue to rise.
How Should Your Managed Service Provider Be Protecting Your Systems?
Your Managed Service Provider or IT Security team should have already pushed these critical patches mentioned above to all managed endpoints, and should continue to evaluate any managed patching needs for this and other vulnerabilities. All workstations should be continuously scanned for viruses, spyware, and malware, and automatically patched with critical security updates.
By having these defenses already in place, your chances of being affected decrease significantly. If you’re unsure of what actions your MSP is taking DO NOT WAIT! Contact your MSP immediately.
We also recommend confirming your MSP is supporting you through managed remote backup. Managed remote backup support may allow restoration of files prior to the infection date, which is often the only course of action. As attacks like this occur, your MSP should consult you proactively to ensure your backup settings are maximizing your business’ protection.
Proactive Measures: What Should You Be Doing on Your Own?
We have compiled a list of Best Practices for Ransomware Prevention Strategies for your personal and professional awareness:
1. Stay up-to-date! Ensure all hardware and software is up-to-date, patched, and under warranty by the manufacturer.
2. DO NOT click on any links or attachments in the email that looks suspicious and contact support.
3. Conduct periodic end-user security training.
4. Leverage offsite remote backups for all critical data stored offsite.
5. Ensure that you are running the latest updates for your antivirus and firewalls.
6. Have the ability to detect cyber incidents in real-time and be able to respond immediately. Dataprise Cyber has Managed Security offerings that can drive this level of transparency, for real-time detection and response to any incidents.
More information regarding Dataprise Cyber Managed Security Services can be found here.