Wannacry Ransomware Attack

The recent ransomware exploit commonly referred to as wannacry or wannacrypt attacks operating systems on vulnerable servers and PC's. It is not directed at nor does it have application level effects on an individual web site. So, for the most part, Site owners need take no action regarding your sites. That free advice should be taken with a grain of salt and you are encouraged to check with your IT and IS resources.

If you have received an email or other notification from your site host, that communication should tell you what they have done or are doing to ensure that the environments in which your site is hosted have been or will be appropriately patched. Any questions regarding this exploit as it relates to your web site should be directed to your web site host.

That said, as noted above, this exploit targets PC's as well. If you are using a current operating system and you or your IT staff have Windows Update set to run automatically, your systems should have been patched by the MS17-010 fix released by Microsoft in March 2017. If you aren't current on your updates, you should immediately update.

If you are using an operating system that is no longer supported, Microsoft has released patches for many of them. See the end of this article for a list of affected systems and links to download security patches:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

In addition to patching, you may want to turn off an older version of a network protocol that the exploit takes advantage of - SMBv1.

The article above contains a link to Microsoft's instructions for that and this article from the community contains step by step instructions:

https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07

This CNBC article provides a non-technical summary of suggested next steps for affected and non-affected users:

http://www.cnbc.com/2017/05/15/ransomware-wanncry-virus-what-to-do-to-protect.html

and re-iterates the following suggestions - which have always been best practices:

Keep your systems up to date and patched
Keep your Anti-virus up to date
Keep a backup of all your data

Stay safe out there!

Posted by Coho Sample Wednesday, April 12, 2017 5:47:00 PM Categories: Security

Previous Post << >> Next Post