WannaCry Virus Outbreak – Our Response and Recommendations
Last Friday the single most prolific and fastest-spreading computer virus of all time was unleashed upon the world, wreaking havoc on businesses large and small in over 100 countries. The WannaCry ransomware virus began spreading through infected email attachments, first in hospitals in the UK and then to the world at large. WannaCry, like other ransomware, encrypts the target computer’s files and then demands a ransom, via Bitcoin, to decrypt the files. Ransom demands usually range from between a few hundred and a few thousand dollars. Given that ransomware encryption is virtually unbreakable, users have little choice; either lose their files or pay the ransom.
At VanTech, we first started hearing reports of WannaCry early friday afternoon. After a quick threat analysis, we found out that Microsoft released a patch (MS17-010) in March of 2017 that addressed the specific vulnerability that WannaCry was exploiting to infect Windows operating systems. We determined that a proactive, hands-on approach was necessary, not only to ensure the security of our client’s systems, but also to give our customers the peace of mind they desire.
Our approach was simple: get eyes on every single managed device, ensure that patch MS17-010 was installed and document our efforts.
Between the hours on 8pm and 1am, VanTech staff, along with several temporary employees, logged on to every machine we manage and manually confirmed the installation of MS17-010. The effort was great, and the result was the absolute assurance that our assets were safe.
We will most definitely face new and more sophisticated computer viruses and cyberattacks in the near and distant future. Loss of data and productivity will cost US businesses billions of dollars. It is a certainty.
VanTech offers these recommendations for securing your IT environment to minimize your future risk:
- Network Firewalls – There was a time when popular opinion suggested that enterprise network firewall solutions were only for enterprise level businesses. Not anymore! It is now more important than ever for all businesses to invest in a network firewall that can stop attacks before they make it to the end-user. In some cases, advanced threat protection at the firewall level succeeded in blocking WannaCry infected attachments before they hit user’s inboxes.
- Cloud Backup – Online offsite backup is essential for all businesses. Data loss comes in all shapes and sizes, but data loss from ransomware can be quickly reversed with a ransom resistant cloud backup solution.
- Advanced Email Security – The days of setting up your own mail server or using public email options for your business are over. Ransomware almost always spreads through email attachments, and email with advanced security can often strip out infected files before they reach your inbox.
- Desktop Antivirus – The proverbial last line of defense. Should all else fail, and a threat makes its way through the layers of protection offered from the firewall and email security, local desktop antivirus can detect and remove threats already on your system.
VanTech has many options available for all these solutions, we’ll be happy to assess your business’s needs at no cost. Data security is no longer optional. It’s time to take action.