• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

WannaCrypt Malware Is Especially Nasty

May 15, 2017 Posted by Michael Hammond, CISA, CRISC, CISSP Cybersecurity, IT Security

Two Part Ransomware Is Infecting the Globe

More and more, we have been hearing about ransomware locking our files, but the latest (and so far worst) version is especially dangerous in that it also has the characteristics of a malware worm.  This new variant, dubbed WannaCry, is reportedly taking advantage of the stolen NSA tools made freely available in April.  Most ransomware requires the victim to download software to their computer when they click on a malicious link.  This new malware still requires the end user to click, but once in the network, spreads itself to other vulnerable computers, ultimately may compromise all PC’s on the network.

Recommended Security Actions to Take:
1.  Make sure you have backups of critical data, and that these backups are offline (so the malware can’t also infect the backup), and periodically test the backups to make sure they work.
2.  Patch your Microsoft desktops and servers against this latest exploit. This malware is so widespread and given the impact to its customers and business, Microsoft has made the unusual decision to offer a patch for operating systems that no longer receive mainstream support (e.g. Windows XP, Windows 2003).
3.  Lastly, provide security awareness training to your employees, especially what to do about clicking links.

Share
0
Avatar photo

About Michael Hammond, CISA, CRISC, CISSP

Joining the firm in 2012, Michael is the Principal of IT Audit Services. Michael has twenty years of extensive Information Technology expertise in various disciplines, including operations, control design and testing. Previously, Michael was Vice President and Senior IT Audit Manager at State Street Corporation and is a veteran of the United States Air Force.

You also might be interested in

MFA CYBERSECURITY SHIELD YOUR BUSINESS

MFA Cybersecurity Shield Your Business Needs 

May 28, 2024

Why Your Employees Might Resist It  Imagine your business as[...]

OCD TECH BIOMETRICS CYBERSECURITY

Biometrics Authentication, strengthening Cybersecurity

Jul 14, 2023

As technology continues to advance, so do the methods used[...]

Open Source Intelligence

Won’t You Be My Neighbor?

Jun 14, 2022

Conducting Old School OSINT A man bumps into you in[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next