WannaCry Ransomware Protection and Countermeasures
You may have heard that a massive ransomware attack, spread via email, infected systems in as many as 99 countries including the U.S. Ransomware is software that encrypts victim’s data and demands a ransom to unlock it. The attack has locked over 75,000 computers and caused major IT disruptions for multinational corporations across several industries. We’d like to explain how this attack – WannaCry Ransomware – spread, and what countermeasures are available to protect your organization against ransomware.
Unpatched Operating Systems
This particular ransomware variant takes advantage of a vulnerability, or flaw, in Microsoft desktop and server operating systems. While Microsoft released a patch to fix this flaw on March 14, 2017, some systems still remained unpatched for various reasons. WannaCry was able to infect systems that did not have the March 14th patch applied. By a stroke of luck, a UK-based company by the name of MalwareTech was able to shut down the WannaCry operation, at least temporarily. However, if businesses were already infected prior to MalwareTech's effort, they may be out of luck.
4 Simple Ways to Avoid RansomWare
1. Routine System Patching
iCorps takes patching seriously and prioritizes patches when they are released. If iCorps does not manage your patches or you are on a patching cycle that would not include the March 14th patch, we highly recommend patching your systems now. Please contact your consulting team if you need assistance. iCorps helps clients implement technology such as Microsoft’s Enterprise Mobility + Security that enables organizations to streamline patching.
2. Managed Security
For those of our clients utilizing our Managed Security service, our partner SonicWALL released a signature in April to protect against this threat. iCorps provides endpoint protection through this managed service.
3. Up-to-date operating system
Updated Windows 10 systems were not impacted by this attack. Additionally, any clients on Windows 10 Enterprise have the added benefit of Advanced Threat Protection (ATP) which is immune from this type of threat as well as having built-in zero-day countermeasures (important to protect against some of the most dangerous threats).
4. Data backup
For those of our clients utilizing our iCorps Guardian (data backup and disaster recovery service), you can rest assured that your data and systems are backed up. Having this safeguard in place would allow you to bypass the ransomware altogether and allow iCorps to get your IT systems back up and running within hours.
iCorps considers cybersecurity to be of utmost importance for its clients and takes these types of events seriously. If you have any questions about the countermeasures explained above or the ransomware attack, contact us for a free consultation. We are happy to answer any questions or work with you further to improve your company’s security posture.