A new ransomware called “WannaCry” is spreading rapidly around the world, with reports that on May 12, 2017, people in 74 countries have been hit with more than 45,000 reported attacks. The outbreak is focused in Russia and Europe, but has spread rapidly to all parts of the globe.
Cyber-security experts are saying although the attack has been halted over the weekend that we can expect to see another large scale attack as early as today (Monday, 05/15/2017).
How does it work?
For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake. Once the malicious file(s) make its way into your system, it will begin to encrypt your data and hold it for “ransom”. Once the ransom is paid, only then the decryption key is provided and best case you will gain access to your files again but there’s no guarantee.
You should always be 100% sure what you’re clicking on. Clicking on the wrong thing in this instance can prove to be a very costly mistake.
What should you do?
If you haven’t already, make sure you run Windows Updates on your personal PC’s! This is the biggest ransomware outbreak in history. There is a Microsoft patch that needs to be applied urgently if you have not done that already. Those who have yet to patch their systems are actively being targeted.
If you are a client of Machado Consulting, we ensure all updates get pushed through on a weekly basis to ensure the health of your systems. The specific Microsoft update that mitigates this risk has already been applied to systems supported by us, leaving you secure of this attack. If you have any outdated software, such as Windows XP, or Server 2003, it’s strongly advised to budget for an upgrade as soon as possible.
Where can I get more information?
If you remain unsure whether or not you and your company are protected from this attack, the best course of action is to reach out and schedule a talk with our Certified Information Systems Security Professional (CISSP), Helder Machado.