New large-scale ransomware attack underway
Friday, May 12th, 2017
The BBC is reporting a new worldwide ransomware attack is currently underway. Victims have thusfar been in reported at least 74 different countries. The UK’s National Health Services, Spain’s largest telecom provider, Telefónica, and FedEx have all reported being hit by this new variant called WannaCry.
While the ransom requested by the perpetrators is currently only $300 worth of bitcoin, the damage in productivity is always much more difficult to calculate. Plus, there’s no guarantee that paying the ransom will result in your files being decrypted. The original source for this variant is thought to use the ETERNALBLUE exploit, which was originally developed by the fine folks at the NSA. The exploit takes advantage of a vulnerability in Microsoft’s SMB protocol.
What’s different about this variant of ransomware is that once a machine is infected inside an organization’s network, the program will actually hunt down other vulnerable machines and infect them as well. This makes it very different and very dangerous compared to previous malicious programs like this.
What can you do to protect yourself?
- Don’t open email attachments from people you don’t know (or aren’t expecting)
- Carefully examine the links in emails to be sure they’re valid
- If you have some type of web content filtering available, make sure it’s enabled
- Don’t visit “questionable” websites — you know the type I’m talking about
- Back up your data. If you do get infected, the surest solution is to have a good backup that can be restored
- Because no type of antivirus program will stop everything, the best type of protection is a multilayered approach utitlizing more than one type of protection. Contact Andrews and Associates today and let us help protect your business!