May 16, 2017

Protecting Yourself from WannaCry and Other Ransomware

On Friday, May 12, 2017 hackers launched a global ransomware attack dubbed “WannaCry.” The ransomware exploits vulnerabilities in Windows operating systems that haven’t been updated with a patch that Microsoft released in March.


Screenshot of WannaCry ransomware
The attack works by encrypting files on the affected computer and demanding payment of $300 to regain access to the files. Tens of thousands of computers were infected worldwide before the initial malware was halted. Since the initial release of the malware, variants have emerged that have continued to infect unpatched Windows computer systems.

In March, Microsoft released a security update which addresses the vulnerability that these attacks are exploiting. Microsoft states that those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, Microsoft recommends you immediately deploy Microsoft Security Bulletin MS17-010.

Additional information about the WannaCry attack and protecting your network and computers from ransomware is below.

Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Indicators Associated With WannaCry Ransomware: Alert (TA17-132A)
https://www.us-cert.gov/ncas/alerts/TA17-132A

The How to Protect Your Networks from Ransomware
https://www.justice.gov/criminal-ccips/file/872771/download

General information about ransomware
https://pdf.ic3.gov/Ransomware_Trifold_e-version.pdf
If you are the victim of ransomware or a phishing scheme:
Report your experience to the FTC and to the FBI’s Internet Crime Complaint Center at ic3.gov. Give as much information as you can, including all requested banking information. The sooner you get this report in to ic3, the more likely they can help you. To file an Internet crime complaint, visit: https://www.ic3.gov/complaint/splash.aspx