May 15, 2017
WannaCry Ransomware Threat Information
As you may be aware, a new threat, named WannaCry, emerged over the past few days and has affected hundreds of thousands of systems in over 150 countries. This threat is classified as Ransomware, as it encrypts files on the compromised system and demands payment to release the decryption key. The following link contains more information about this specific threat, and Ransomware in general:
The core VirtuWorks infrastructure was protected against WannaCry, as the necessary vulnerability patch to was applied shortly after it's release in March, as part of our standard security update procedures. As of this alert, VirtuWorks has received no notice of customers enrolled in our Managed IT or Virtual Office Services having been affected by this outbreak. However, we are watching the issue closely, and will take further action, where necessary, to protect our systems, and those of our Managed customers.
While much of what is necessary is taken care of by VirtuWorks for our Managed Customers, below is a list of precautions you can take to better safeguard against this and other security threats:
Keep your operating systems current
- If you have been putting off upgrading PC's in your office, now is the time to catch up. Machines running Windows 10 were not subject to this vulnerability. Cyber threats are here to stay. The very least you can do is make sure your systems are equipped with the latest technology to combat them.
Make sure your PC's are set to update automatically
- Updates are how the majority of patches are applied. Having them happen automatically can save you a lot of grief. Remember to leave your PC's powered-on overnight, as this is when updates are typically set to run.
Back up critical data
- While customers in the VirtuWorks can rest assured knowing that their data stored on our infrastructure is backed up, it's worth mentioning that data saved to your local desktop or elsewhere on your hard drive may not be. Take some time to make sure all critical data is being saved properly.
Lock down machines
- We know it's a hassle to request assistance to install applications or change certain settings. But we promise, infecting your machine, and possibly your entire company's network, will be much worse. Make sure admin rights are properly protected.
DO NOT open email attachments unless you are expecting to receive them, even if you recognize the sender
- This is HUGE. Email is the single-most utilized distribution method for malicious code. Treat it as such. Unless you have requested a file from the sender, or can pick up the phone and verify with them what is attached, DO NOT OPEN EMAIL ATTACHMENTS.
Restrict access to network resources
- Ransomware can only encrypt what it can access. Make sure users only have access to what they absolutely need.
Make sure your anti-virus is running
- Make a habit of glancing at your system tray (little icons next to the clock) to make sure your anti-virus is running. Issues can happen from time to time that may crash a process or prevent applications from starting.
If you have any questions about this outbreak, what VirtuWorks is doing to protect your business, or other services we provide that may benefit you, please contact us immediately.
The VirtuWorks Team