Countermeasures for Ransomware – like WannaCry

You may have seen the news this weekend. Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic. If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your workstation but immediately everyone else’s computer too.

As more information comes in regarding this strain of ransomware (also called WannaCry, WannaCrypt0r, WannaCrypt, or WanaDecrypt0r), we know that it is infecting computers based on someone in the company opening an unknown email/attachment. These emails are malware attacks disguised as fake invoices, job offers and other lures sent to random email addresses. The file within this email is a .zip file that entices the user to open it. Once clicked, that attachment opens, and the WannaCry infection begins. Also, it uses a Windows flaw to replicate itself and spread through your computer network.Wannacry-screenshot

  1. Update your Microsoft Security Patch

Patches ensure that your system has the least security holes possible. Companies put these patches out after they find and fix problems. I know it’s a pain, but it is so worth it! In this case, the WannaCry ransomware used these security flaws to spread their malware throughout network once it entered one computer/device.

  1. Do NOT open email attachments that you did not ask for

These email attachments have been getting harder to spot. They can appear to come from anyone (even people and vendors you use) to entice you to open the corrupted file. Once opened, you’re toast, so, if you didn’t ask for the file, do NOT open it.

  1. Up-to-date operating systems

This one goes back to updating patches, in a sense, but, old and outdated operating systems are not being kept up by their creator and become very vulnerable to attacks. If your systems and programs allow, update operating systems to stay as safe as possible.

  1. Data backup

If the malware gets into your system and locks you out of your files, you need to have a good backup. With a backup, you can restore all the data and continue your work, with minimal downtime. You also won’t have to pay their ransom.

For Our Managed Services Customers:

  • Our email filtering service will filter .zip files. If you are receiving .zip files via email and would like to have them blocked, please call us.
  • Our Anti-X service includes either one or both of Trend Micro/Webroot. If updated, these tools do reduce the likelihood of infection.
  • Our PatchIT Patch Management service helps to keep updates flowing from Microsoft to your workstations.

Please share this with all your employees, so they know what to watch. If you have any questions, please contact Rob Burkey, (970) 243-3311 / rburkey@networksunlimited.com

Leave a Reply