|
|
The apparently random attack hit on Friday and spread like wildfire before a malware researcher identified as Marcus Hutchins was able to halt it temporarily a day later, when workers weren't in their offices. That still means that a number of infected systems could still be discovered.
|
|
|
Many experts were predicting that there would be an explosion in infections noticed for the first time on Monday as people returned to work, which has borne out. WannaCry surpassed its previous high of 9.67 bitcoin in a day at 9:24 a.m. and has continued to interrupt businesses globally.
While Microsoft had stopped supporting older versions of Windows, they are pushing out special automatic updates to those systems to block the worm. If you or your organization is running any version of Windows, you could be at risk.
Authorities in the US and UK have issued guidance on what to do:
- Run Windows updates to get the latest version of software updates.
- Make sure that all anti-virus products are up to date and to scan your computer for any malicious programs.
- Never click any links on suspicious emails or websites.
- The best defense against downtime from a ransomware attack is to have an offsite backup to restore files from without having to pay ransom.
The malware spreads by scanning other computers linked to the machine and, through a vulnerability in Microsoft systems, particularly on outdated software like Windows XP and Windows Server 2003. All it takes is for one computer in the network to be infected for all the computers in that network to be compromised.
What to do if you are infected
You'll immediately know whether you're infected — you'll be greeted by a popup screen saying "Ooops, your important files are encrypted."
And by "important," they're talking about your most commonly used files — including .mp3 audios and .mp4 and .avi videos; .png and .jpg images; and .doc and .txt documents. It also targets any backup files you may have made on your computer, so you can't even restore older, safe versions.
Analysts said you should not click the "check payment" or "decrypt" buttons in the popup message, as there has been no evidence that the hackers are giving people their files back once paid. Instead — if you're able to — download and install Microsoft patch MS17-010, which should work on Windows systems going all the way back to Vista.
We want to help customers handle this threat and quickly implement a ransomware business continuity plan. Contact TaylorWorks to set up a free consultation to review your business network or call us at 407-478-6600.
|
|
Tel: 407-478-6600 | Fax: 407-260-9996 | 1435 W. SR 434 Suite 109 Longwood, Florida 32750
Email: help@taylorworks.com | www.taylorworks.com
Copyright © 2017 Taylorworks, Inc., All rights reserved.
|
|
|
|
|
|