As many of you are well aware, a nasty piece of malware known as “Wannacry” began compromising computer networks in Europe last Friday. WannaCry is a ransomware computer worm that targets computers running the Microsoft Windows operating system. Within hours it had spread to over 100 countries globally. Wannacry initially infected a computer host through a phishing attack containing a nefarious embedded link. From there, it would take advantage of a known vulnerability in the operating system, encrypt files and/or file shares and demand a ransom in bitcoin currency of approximately $300.00. The malware would then spread as a worm to other hosts through connected networks repeating the same behavior.
Having explained Wannacry, there are two more important things we want you to know about ransomware and your computers security.
First thing
Interestingly enough Wannacry exploited a known vulnerability that was addressed by Microsoft and fixed with a patch in March. We patch workstations through Microsoft’s Windows Server Update Services (WSUS) on a monthly basis after manual inspection and approval. What’s important to note is that those patches are useless if you ignore or postpone system updates. So, save your work and restart your computer so that your computer is protected.
And the second thing
We want to emphasis the importance of being mindful of any email that looks suspicious or redirects you to a website where your email address or password are requested. We’ve said it before and we will say it again. Phishing scams continue to be our number one security obstacle. So never, ever, ever enter in usernames or passwords. Never. And if there is ever a doubt, contact your System Administrator immediately.