Concerned about WannaCry, the latest ransomware attack hitting hundreds of thousands of computers in over 150 countries in recent days? With the right combination of solutions in place, you’re far less likely to be left sobbing over customer data lost from WannaCry or other ransomware attacks. Here is a little bit of information to help inform you of this attack.
The WannaCry (also called WannaCrypt) ransomware attack crippled hundreds of thousands of computers last Friday and continues to wreak havoc this week.
On May 12, 2017 we detected a new ransomware that spreads like a worm by leveraging vulnerabilities that have been previously fixed. While security updates are automatically applied in most computers, some users and enterprises may delay deployment of patches. Unfortunately, the ransomware, known as WannaCrypt, appears to have affected computers that have not applied the patch for these vulnerabilities. While the attack is unfolding, we remind users to install MS17-010 if they have not already done so.
WannaCry uses remote code execution to breach a system, encrypt the data, and then demand a ransom be paid through Bitcoin, as nearly all ransomware since CryptoLocker and Breaking Bad have done. Making it even more devious, the exploit is worm-like, so it can crawl easily from one system to another.
“The worm functionality attempts to infect unpatched Windows machines in the local network. At the same time, it also executes massive scanning on Internet IP addresses to find and infect other vulnerable computers,” Microsoft explained.
Treasure Valley IT, Inc. is at the forefront of leading experts in the industry that are actively combating WannaCry and working to prevent future ransomware attacks. Treasure Valley IT, Inc. takes a three-pronged approach to achieve this.
First, prevent breaches by patching. Treasure Valley IT, Inc. utilizes a system that automatically keeps servers, workstations, and remote computers up to date with the latest important security patches and software updates. And if you are already a customer of ours, you have already accomplished the first step in combatting this attack. If you are not a customer, call us immediately to help ensure your systems are up to date.
Second, protect your infrastructure with an antivirus or anti-malware solution. With our Virus administration software, our administrators can configure and deploy across your entire network while providing real-time status updates and alerts to ensure maximum security to your system. We will make sure that every workstation and server on your network is protected and up to date with the most current virus software.
And last but not least make sure you have a good viable backup of all your data. This is the key to getting your data back and restoring you to a functional operating state should you fall prey to this attack. This is the MOST important step in protecting your business and your data. If you are an existing customer of Treasure Valley IT’s managed services you have the option of our imaged based backup software. We can help you back up your data onsite at your office or we can deliver your data to the cloud safely and secured. With our back up service offering we will ensure data is safe, allowing us to recover your systems quickly with minimal disruption to your business. As you read through blogs and information regarding this virus, paying the ransom never really works. So don’t fall prey to their scam that you will get your data back. You need to make sure that you have a backup to restore from and we can help you do this.
To learn more about WannaCry and how it might impact your business please call us at (208) 367-1000.