RANSOMWARE - WannaCry
|
Last Friday a new malware worm was released based on the leaked NSA exploits from earlier this year. This paired the cryptolocker variants with a way to automatically spread itself on an infected network and hold personal & business files hostage until a bounty is paid. This attack has been so damaging, that Microsoft has issued special patches for legacy operating systems including Windows XP & Server 2003. Going forward this is not guaranteed however, so please reach out to ZR Systems if you still have legacy systems running so we can work on a migration path for you. As ZR Systems Managed customers, we are pleased to let you know that we have had zero security incidences as a result of this attack. We work to protect you on multiple fronts depending on the technology you have chosen to utilize: Sonicwall Gateway Protection – Customers with active subscriptions or on ZR Systems Firewall as a Service program have been protected at the gateway since mid April. For additional information on how sonicwall identified the issue, you can checkout their blog Fortinet Gateway Protection – Customers with active Fortinet subscriptions have also been protected as of last week’s security update. Webroot SecureAnywhere Antivirus – Every endpoint (Servers & Workstations) managed by ZR Systems has Webroot SecureAnywhere installed which utilizes a realtime scanning engine that captures new variants in real time before they spread across your network.
Proactive System Patching – Patches are installed weekly for all systems under management, and monitored regularly by our Network Operations Center. The vulnerability used by this attack was patched by Microsoft back in March and was pushed out to all of our agents. Below is our global compliance statistics for our client base.
System Backups – The last line of defense against these types of attacks are backups. ZR Systems works with every client to make sure they have backup technologies in use to ensure we can recover files, system data, and applications. There is also a premium service available that can run your systems on premise or in the cloud in case of any issues that arise. Please be advised that even with these all in place, you and your staff are the most important line of defense in securing your business from threats like WannaCry. If you have any questions about a suspicious e-mail or website, please contact our Help Desk at (808) 369-1000. |
Additional References:
http://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/
http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday
