Late last week, businesses and organizations around the world in more than 150 countries were hit with a strain of ransomware known as Wanna Decryptor, WannaCrypt, WanaCrypt0r and WannaCry—and the ransomware shows no signs of stopping. According to a CNN article, the attack was so extreme that it “caused Britain’s NHS to cancel surgeries, a wide array of Russian and Chinese private and public institutions to be crippled most of the day, and the rest of the world to recoil in shock.”
At Carousel, we’ve been fielding several questions from clients about this issue and how they can best protect themselves (and their sensitive data) from this type of attack. We’ve compiled a Q&A of some of the most pressing questions…
Have questions about improving your security program? Well-versed in every layer of security, our experts will evaluate, recommend and deploy the latest next-gen security. Click to learn more.
What is ransomware?
Ransomware is a type of malware that encrypts a user’s documents, photos, and other files, requiring the victim pay for a decryption key to unlock them. If there are connected devices like a USB drive, those items will be impacted as well.
Once infected, a landing page displays demanding money (typically in the form of Bitcoin) to decrypt the files and return the computer to its normal state. Typically, if the victim doesn’t pay up in a few days, another landing page will display demanding more money and a risk of the files being permanently deleted.
What is the significance of the WannaCry attack?
This is believed to be the largest scale attack ever recorded. Affecting countries around the globe, WannaCry shows how quickly systems can be impacted and brings to the forefront the importance of basic security hygiene—like routine offline data backups and ongoing product patching.
You May Also Like: 3 Ways to Leverage Managed Services for Security
How does this ransomware spread?
Targets becomes victims thanks to phishing emails or suspicious attachments. Once that user’s system becomes infected, the code can scan through the network and make its way to other, unsuspecting victims.
Per Brian Krebs of KrebsOnSecurity.com, “Wanna is spreading with the help of a file-sharing vulnerability in Windows. Microsoft issued a patch to fix this flaw back in March 2017, but organizations running older, unsupported versions of Windows (such as Windows XP) were unable to apply the update because Microsoft no longer supplies security patches for those versions of Windows.”
I want to be proactive against this—and other types—of malware. How can I protect my technology?
The good news about these types of attacks is that it’s mostly avoidable by implementing easy, everyday-hygiene maintenance. Things like backing up data, updating and patching software, and training employees to recognize the signs of someone trying to gain unauthorized access to systems, like a phishing attack, are low-cost, effective methods to keeping data safe.
The number and complexity of today’s (and more importantly, tomorrow’s) threats requires a proactive, layered approach to security. Engage with an expert firm like Carousel to protect your organization’s sensitive assets with the most effective next-generation security solutions—from everything from asset security to threat detection and governance assistance for a comprehensive, full-service security solution.
I think I may be affected with a variation of Wanna. What should I do?
If you think you may be infected with ransomware or another virus, fill out this form to connect to an expert about how react, respond, and remediate the threat within your environment.
You May Also Like: Ransomware and Things That Go Bump in the Night
For technical details regarding the malware, as well as countermeasures you can take, please review the following blog posts: