Over the weekend, you may have heard, there was the most severe malware attack so far this year, with more than 200,000 systems around the world believed to have been infected. The name of this troubling ransomware is “WannaCry”.
What is WannaCry Ransomware?
This daunting Trojan virus holds the infected computer hostage and demands a ransom from the victim in order to regain access to their computer. Now, this might not sound like the end of the world for a personal at home computer but what about the healthcare organizations in Europe it inflicted on Friday, how many lives did it effect then? What damage could it do to your organization if it took hostage of your computers? The software demands payment by a specific date and if it does not receive it all your files will be deleted and your data will be lost forever.
How does something like this happen?
WannaCry Ransomware first appeared back in March and is using the NSA “Eternal Blue” and “Double Pulsar” exploits. This security hole was first made public earlier this year by a group called the Shadow Brokers. Initially, the malware is spread through email, including fake invoices, job offers and other lures with a .zip file that initiates the WannaCry infection. The worm-like Eternal Blue can exploit a flaw in the Server Message Block (SMB) in Microsoft Windows, which can allow hackers to inject your computer with the virus which takes over your computer and encrypts your files. That is why it is so important you never open up an email you are unsure about and especially never extract a .zip file from an unknown source.
Is WannaCry Ransomware attack over?
Unfortunately, No. It has slowed down but reports of attacks are still popping up.
150 countries were hit during this WannaCry Ransomware attack. Business was ground to a halt at several large companies and organizations around the world, including banks, hospitals, and government agencies. Many firms employed experts over the weekend to try to prevent new infections. However, preventative measures should have already been in place so attacks like this could not have happened.
And it doesn’t stop there – many companies around the world get hit with different versions of ransomware daily and we have no way of knowing who will get hit or how bad it will be the next time. These types of ransomware attacks are not going away anytime soon so you need to protect your systems to make sure this does not happen to you.
Are you protected from Ransomware?
Regardless of which operating system you run, you should install any and all available security updates immediately. Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, including XP and Server 2003. If you have not already performed these updates you should. If you are unsure about doing any of these updates, our support team here at AllCore are able to help you with every step.
Updates are just a part of being protected. It is also essential to have a secure endpoint antivirus & malware strategy, along with investing in user education on the dangers of phishing, ransomware, social engineering and other common attacks. In addition to all of this, having a backup strategy in place is extremely important. Because if you were to be attacked you would never need to pay the ransom as you would have your data restored from your backed up copy.
AllCore can help you with all of these services. We are a proud provider of Webroot SecureAnywhere which currently protects you from WannaCry Ransomware!
If you have any questions about your Webroot setup through AllCore, please contact our Support Team now.
If you are not an AllCore customer, please contact us today to find out how we can help you protect your systems from Ransomware.