• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

WannaCrypt Malware Is Especially Nasty

May 15, 2017 Posted by Michael Hammond, CISA, CRISC, CISSP Cybersecurity, IT Security

Two Part Ransomware Is Infecting the Globe

More and more, we have been hearing about ransomware locking our files, but the latest (and so far worst) version is especially dangerous in that it also has the characteristics of a malware worm.  This new variant, dubbed WannaCry, is reportedly taking advantage of the stolen NSA tools made freely available in April.  Most ransomware requires the victim to download software to their computer when they click on a malicious link.  This new malware still requires the end user to click, but once in the network, spreads itself to other vulnerable computers, ultimately may compromise all PC’s on the network.

Recommended Security Actions to Take:
1.  Make sure you have backups of critical data, and that these backups are offline (so the malware can’t also infect the backup), and periodically test the backups to make sure they work.
2.  Patch your Microsoft desktops and servers against this latest exploit. This malware is so widespread and given the impact to its customers and business, Microsoft has made the unusual decision to offer a patch for operating systems that no longer receive mainstream support (e.g. Windows XP, Windows 2003).
3.  Lastly, provide security awareness training to your employees, especially what to do about clicking links.

Share
0
Avatar photo

About Michael Hammond, CISA, CRISC, CISSP

Joining the firm in 2012, Michael is the Principal of IT Audit Services. Michael has twenty years of extensive Information Technology expertise in various disciplines, including operations, control design and testing. Previously, Michael was Vice President and Senior IT Audit Manager at State Street Corporation and is a veteran of the United States Air Force.

You also might be interested in

OCD Tech Takes 1st in Capture the Flag Event

OCD Tech Takes 1st in Capture the Flag Event

Oct 30, 2019

Saturday, October 26th was not a typical weekend afternoon for[...]

The LastPass Breach, and What it Means for Customers.

The LastPass Breach, and What it Means for Customers.

Jan 13, 2023

On December 22, 2022, popular password manager LastPass issued a[...]

DFARS Clause and NIST SP800-171 – Are You Covered?

Feb 27, 2017

Do you work with the Department of Defense (DoD)? Does[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next