by Mike Wilson
Posted on 2017-05-17 16:01:37
WannaCrypt, also known as “WannaCry,” is a ransomware attack that made international news headlines for hijacking computer systems across the globe last week. WannaCrypt infiltrated thousands of computer systems and held their files hostage. Hackers demanded $300-$600 worth of Bitcoins for users to reclaim access. Its reach was massive, with over 150 countries falling prey to the malicious software. Businesses in China, UK hospitals, and Russia’s interior ministry were among the victims.
How Does WannaCrypt Work
WannaCrypt is believed to initially breach systems via email attachment – from there, it spreads quickly. The malware exploits a security vulnerability in Windows software called Server Message Block, which is used to transfer data between trusted computers. WannaCrypt employs EternalBlue (an exploit believed to be created by the United States National Security Agency that was later leaked by a hacker group) to spread throughout a business’ system in a matter of seconds, no user activity necessary. Meanwhile, a portion of the code called DoublePulsar installs a backdoor into the infected systems, giving the hacker remote control of the computers.
Reports of new infections have come to a halt, thanks to a malware researcher who discovered a web domain in the code. But this outbreak serves as a wakeup call to businesses and organizations everywhere: protect your IT systems.
The Consequences of Malware
Being the target of a malicious software attack can be costly. It puts sensitive information in the hands of hackers, puts you at risk for losing crucial files, leads to a pricey recoup process, and diminishes customer trust in your business. Your computer systems are home to the very information that keeps your business running – if they are compromised, it can be difficult to recover.
Steps to Better Security
Since ransomware is an imminent threat, it’s important to do everything possible to protect your business from infection. Here’s a list of preventative steps to bolster your IT’s network security:
- Apply available critical and security updates to all computers regularly
- Block potentially malicious files from entering your system using email anti-spam, anti-virus, and employee training initiatives
- Request that employees only open attachments when they are absolutely necessary, and expected to arrive
- Demonstrate additional caution with Microsoft Word for Adobe PDF files delivered by email
- Test and validate data backups regularly
You can detect malicious software in your systems by configuring email alerts from anti-virus agent detections, employing network-based anti-virus and anti-malware software, and setting up monitoring on file servers to detect changes to your files.
How We Can Help
Our team here at Feynman Group has years of experience defending businesses from malware like WannaCrypt. We have expertise in preventative protections, as well as recovery solutions. Through our partnerships with Cisco AMP, OpenDNS, Cisco Firepower, and Datto, we can give your business the best chance of surviving malicious software attacks. This past week showed the world that it’s more important than ever for organizations of every kind to strengthen their IT security. If you’re not sure whether or not your business is properly protected, contact us for a free backup analysis today.