ATTENTION ONLINE AND SELF-PROCESSING CREDIT UNIONS
By now you may have heard about the massive ransomware attack that began on Friday and potentially affected tens of thousands of computers in 100 or more countries. The media was quick to report the story, as well as news of the young security researcher that helped slow the spread of the malware by finding a “kill switch” in the ransomware’s code. However, this does not mean the risks have passed, as new variants of WannaCry (WannaCrypt0r) have already been released to the internet.
|What is WannaCry?||WannaCry is a form of malware known as ransomware. Vulnerable Windows computers that come into contact with WannaCry will be encrypted and the user will be prompted to pay $300 to decrypt the files. The ransom increases to $600 after a few days, and then threatens to delete all files after a week.
What makes WannaCry more dangerous than other ransomware is that it actively seeks to infect any other computer it can reach across the network. It uses an older Microsoft SMB v1 file share protocol to seek out and infect other machines. It may also spread via email attachments. WannaCry also installs a backdoor to facilitate communication with the author.
|Where did WannaCry come from?||Its origins are not yet known. However, the authors are using a Microsoft Windows vulnerability published as part of the Shadow Broker archive of NSA hacking weapons that was stolen from the US government agency. Microsoft released a patch (MS17-010) in March in response to this vulnerability.|
|What should you do about WannaCry?||If you are a CNS Complete Care Client, we have already applied the necessary patches to protect your network.
If you are not a Complete Care Client please contact your IT provider or our Help Desk for assistance.
Malware is a real risk for any connected computer system, regardless of the type (PC, mobile device, etc.) However, following general security practices can greatly reduce the risk and impact of malware:
If you have any questions, contact the Help Desk