Two Part Ransomware Is Infecting the Globe
More and more, we have been hearing about ransomware locking our files, but the latest (and so far worst) version is especially dangerous in that it also has the characteristics of a malware worm. This new variant, dubbed WannaCry, is reportedly taking advantage of the stolen NSA tools made freely available in April. Most ransomware requires the victim to download software to their computer when they click on a malicious link. This new malware still requires the end user to click, but once in the network, spreads itself to other vulnerable computers, ultimately may compromise all PC’s on the network.
Recommended Security Actions to Take:
1. Make sure you have backups of critical data, and that these backups are offline (so the malware can’t also infect the backup), and periodically test the backups to make sure they work.
2. Patch your Microsoft desktops and servers against this latest exploit. This malware is so widespread and given the impact to its customers and business, Microsoft has made the unusual decision to offer a patch for operating systems that no longer receive mainstream support (e.g. Windows XP, Windows 2003).
3. Lastly, provide security awareness training to your employees, especially what to do about clicking links.
