WannaCry Ransomware Malware

What is WannaCry?

WannaCry is an insanely fast-spreading ransomware malware worm that leverages a Windows exploit to remotely target unpatched or unprotected Windows computers.

 

Because WannaCry is the first ransomware worm, it can spread itself by scanning for other vulnerable computers connected to the same network, or on the wider Internet, to spread quickly. This attack may cause follow-on attacks by installing backdoors.

 

How Likely are You to Get Attacked by Ransomware?

Unfortunately, ransomware is becoming very common. Ninety (90%) of IT managed services providers reported that some of their customers had ransomware in 2016. Generally, the infected pay the ransomware or lose their data forever.

 

So far since May 11 2017, over 220,000 computers (most Windows 7) across 150 countries around the world have been infected with the WannaCry malware, and the infection is still rising. This compared to around 500,000 infected ransomware computers for all of 2016.

 

Ransomware Implications for Companies

The biggest implications of WannaCry and ransomware in general are Loss of productivity and loss of data. We have many companies calling us each week reporting attacks on their computers and lost data. While there are no 100% protective solutions for security, companies can use expert security partners to help them define and implement best-practices solutions and significantly reduce their risk.

 

Top Causes of Ransomware

Ransomware like other malware typically gets a foothold in your computer network by first exploiting your employee’s willingness to open emails, attachments and click on Web links. Many of these risks are preventable.

  1. Phishing Emails
  2. Untrained Employees (Security)
  3. Malicious Website/Web Ads

 

Top 10 Ways to Prevent All Ransomware

Here are the top 10 ways to prevent WannaCry, ransomware, and advanced malware. Don’t be put off by the size of the list or the potential cost. By working with a security partner, a customized affordable solution for your company can be provided. The good news is that these recommendations will help eliminate many security problems not just ransomware.

 

  1. Get a 3rd party security risk assessment. This is the most important way to prevent WannaCry and other ransomware and is step #1 to understanding your security posture and what you need to do about it.
  2. Implement an automated patch management program for everything. Windows, apps, browsers, plug-ins, even IoTs
  3. Use a strong email security solution. Anti-phishing technology, anti-spam, anti-malware and archiving
  4. Purchase a Security Awareness Training (SAT) and phishing simulation solution. Annual bundled subscriptions.
  5. Backup your systems and data. Make sure that some forms of that backup are ‘offline” so that they don’t get encrypted by ransomware. Using a sophisticated backup solution provides “instant” recovery of servers and fast data restoration. Test it frequently. Use a backup solution that provides “continuous file backup”.
  6. Secure UTM Firewall – Don’t skimp. Firewalls protect from malware, Web, mail, hacker, cloud apps and more.
    1. Set up your firewall correctly – Use a 3rd party expert to help or to provide complete firewall management.\
    2. Purchase a firewall with advanced threat technology (usually an optional subscription).
      1. Malware sandboxing (deep analysis)  & Detecting & correlating threats at the firewall and endpoint
  7. Use a Next Generation Endpoint security (A/V+) solution. Latest generation solutions include core security plus behavior monitoring, advanced threat/ransomware prevention, patch management, forensics, desktop firewall, mobile security and more. Integration with your firewall is another plus when available.
  8. Use a security monitoring solution (SIEM). This provides monitoring of ALL your security solutions, servers and desktops and correlation of the information to detect threats, attacks and to do forensic analysis after an attack.
  9. Secure your Cloud based applications and back up the data in a secure place. Check out your provider.
  10. Use an expert third party security partner to help you manage, install, configure, select & purchase, and to identify your gaps and prioritized solutions.

 

Summary

Ransomware and their derivatives are here to stay and the number of affected companies are growing each year. If you are successfully attacked, your company may lose days of work, lose customers, and lose key data.

 

So, like insurance, this is the time to invest in the proper balanced security to avoid a future problem. Get someone to help you design a security solution that provides security in all the key areas that your business needs.

 

eSecurity Solutions helps their customers by providing risk assessments and prioritized solutions. We also help customers Implement or provide completely outsourced security management for any of the areas in the top 10 list above.

 

Contact us and we can work together to define the security partnership that you need.

 


Other Facts about WannaCry

  • First discovered on May 11, 2017
  • Largest Ransomware Infection In History
  • This ransom-ware supports 28 different languages, encrypts 179 different type of files
  • WannaCry requires its victims to wire money ($300-$600) over bitcoins
  • Targets unpatched Windows machines (but excluded Windows 10).
  • Even backups can be infected. Connected backups will be encrypted.
  • Exploited a Windows software flaw, (MS17-010), using an exploit believed to have originated with the NSA but leaked in April by the Shadow Brokers hacking group. Microsoft has released a patch to fix the problem, and even updates to Windows XP, Windows 8, and Windows Server 2003.”

 

Simple Share Buttons
Simple Share Buttons
X