WannaCry - Worldwide Attack, Are You Next?

May 17 2017

Modern notebook computer with future technology media symbols.jpeg

A worldwide ransomware attack called WannaCry has hit more than 150 countries since it was released. This massive attack started Friday, May 12th and continues to put organizations and individuals at risk. It has even affected healthcare systems greatly, causing some hospitals in the UK to cancel outpatient appointments. In addition, Taiwan, Ukraine, Russia and Britain have severely suffered from these attacks.

Once the malware reaches its destination, infected computers will display a message stating that your information is locked and will require $300 Bitcoin to retrieve all data. The malware targets Windows Computers because of a flaw in Windows XP.

Since the release date, there have already been multiple variations of the attack. The initial release had a kill switch found by a cybersecurity researcher who registered a domain name that he accidentally found, temporarily preventing the attack.  

The updated ransomware, known as Uiwixhas been improved from the initial attack and no longer contains a killswitch domain. There appears to be new releases of the malware every few days.

According to The Hill, “The anonymous ShadowBrokers, who have been periodically releasing source code and documents believed to have been stolen from the National Security Agency since the summer, announced the new monetization scheme in a post early Tuesday morning. The message was written in broken English typical of the group.”

The message reads:

"Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members," the Brokers wrote. 

Here are some ways to protect your organization from a potential ransomware attack: make sure your systems are all up to date, install any necessary patch updates from Microsoft as soon as possible (if you have not done so already), be wary of malicious email attachments (this is a major way the ransomware was spread), and have an offiste backup recovery solution in place. 

To ensure network security, we recommend that you have a team of IT experts that can monitor your systems 24/7 and ensure your systems are updated and backed up. If you don’t have access to full-time certified employees who have the knowledge and expertise to protect your organization, we can help fill the gaps in order to secure your business. Give us a call at (888) 640-9955 or reach out to us here.


Subscribe to Bits & Bytes via Email

Recent Posts