Organizations in dozens of countries have all been hit with the same ransomware program, a variant of WannaCrypt (also known as WanaCrypt0r and WCry). Cybersecurity firm Avast said it has tracked more than 75,000 attacks in 99 countries.
“The spread is immense,” says Adam Kujawa, the director of malware intelligence at Malwarebytes, which discovered the original version of WannaCry. “I’ve never seen anything before like this. This is nuts.”
What is it?
The “WannaCry” ransomware locks down all the files on an infected computer and asks you to pay in order to regain control of your files. The ransomware is automatically scanning for computers it can infect whenever it loads itself onto a new machine. It can infect other computers on the same wireless network.
The ransomware, is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven’t updated their systems are at risk. The exploit was leaked last month as part of a trove of NSA spy tools.
This is the The Ransomware Meltdown Experts Warned About Is Here.
If you have a current active BWS indigoGUARD service your patching is up to date. However If you see anything suspect just turn it off immediately and bring it by for a health check.
» If you want to know more contact us.
How to prevent it
Apply the patch released in March to all systems to prevent WannaCry infections. Although it won’t do any good for machines that have already been hit.
Consumers who have up-to-date software are protected from this ransomware.
Click here for information about the Windows versions or editions affected and for details on how to patch (MS17-010) the EternalBlue exploit. Or click here for instructions on how to review and install high-priorities updates on your Windows laptop or PC.
Affected Windows versions/editions and how to patch
How to Install High Priority Windows Updates
How to configure and use Automatic Updates in Windows
More Steps to Protect Yourself
- Update your systems to include the latest patches and software updates.
- Do not click on or download unfamiliar links or files in emails.
- Back up your data to prevent possible loss, whether you are at a home, work, or school computer.
“I would say it’s having so much ‘success’ because people and companies aren’t patching their systems,” MalwareHunter says.
As a result of Friday’s infection, hospitals, doctors’ offices, and other health care institutions in London and Northern England have had to cancel non-urgent services and revert to backup procedures. Multiple emergency rooms around England spread word that patients should avoid coming in if possible. The situation doesn’t appear to have resulted in any unauthorized access to patient data so far.
WannaCry was developed with a broad, long-term reach in mind. In addition to the Windows server vulnerability an analysis group who discovered the second generation of WannaCry, says that “probably there are more” vulnerabilities the ransomware can take advantage of as well.
But WannaCry could continue to expand its range indefinitely, because it exploits at least one vulnerability that has persisted unprotected on many systems two months after Microsoft released a patch.
The U.S. Department of Homeland Security, in a statement late Friday May 12,2017, encouraged people to update their operating systems. Read DHS Statement on Ongoing Ransomware Attacks
