Security Alert: WannaCry Ransomware
Our blog post, Security Alert: Microsoft remote access vulnerability, on Wednesday, highlighted a vulnerability within Microsoft’s Windows Defender virus protection that allowed threats to be activated on Windows machines without the user having to click any links or email attachments.
Unfortunately, on Friday (2017.05.12) this vulnerability was exploited by a Ransomware Worm called WannaCry.
In less than 24 hours WannaCryptor (WannaCry) infected 185,000 machines in over 100 countries. Of the infected machines, many are within telecoms companies, gas companies, big businesses and government sectors; including the NHS.
If you have been affected by WannaCry or any other Ransomware
- Don’t Panic! It is scary but keep a cool head.
- Identify the source and isolate. This type of attack will make your data inaccessible and once the process has started the only focus is to prevent the spread by isolating the machines affected and turning them off.
- Contact your IT department or company. You can contact us on 023 8024 9820 if you need help.
- Restore and recover. Once an active attack has been isolated and damage assessed then the restoration and recovery process can begin.
How to protect yourself
To ensure you are protected you should:
Make sure all Windows updates have been run. You can do this by pressing the ‘Start’ button and typing ‘Update’. Select ‘Windows Update’. You should see that no updates are available. However, if there are updates then you should make sure these are carried out immediately.
Check your AntiVirus and Malware protection are up to date. If you are an ITC customer this is already taken care of.
Ensure you have regular backups running so that if the worst does happen you can restore your business vital data.
Avoid using any PC’s on operating systems earlier than Windows Vista (Windows Vista, XP, 2000, ’98 etc). If you need to use these machines they should be completely disconnected from the Internet.
Use a patch management service such as the one provided by ITC. This will ensure that your Operating system updates are always carried out.