WannaCry Ransomware Global Attack is current attack on company data across the globe. Europe was hard hit last week and it is expected the US will suffer similar attacks. Be extra careful opening attachments and links on other websites. In some cases legitimate websites are being targeted to spread the offending code. For example a hospital I recommend “Right-Clicking” and scan the file or link before opening.
The worst issue that is being dealt with by victims is this: the files touched by the attack are encrypted and the attacker is the only source for the key to reverse that. This can have dire consequences, especially in the healthcare sector. Encrypted patient records, doctor’s files and other items may not be usable or accessible unless there is a good backup to restore.
The code encrypts all files and changes the file extensions of files to .dharma. It then crawls the LAN and in some cases through VPN and Offline mounts.
Tips to try and avoid infection are :
- Keep operating system up-to-date and patched
- Use latest version of your Anti-Virus available
- Don’t open unwanted emails
- Right-Click and “scan” all attachments – even those whom are normally trusted resources as they may have been affected without knowing so.
- Dismount backup drives after backups complete as to isolate them from the Network.
- Remount prior to scheduled backup
- Have an Offsite Storage Plan like Carbonite or Code42
- One Drive and Dropbox files will be affected and therefore are not viable backups if mounted.
- Have a Virtual Machine Disaster Recovery System in Place such as StorageCraft ShadowProtect.
If you should fall victim to this attack, we can help. Better yet if you do not have a “Disaster Recovery Plan” in place call us today to help get your systems protected.
Do NOT Pay the Ransom, there is no guarantee the files will be de-encrypted or will not just suddenly re-encrypted again in the future.
The best defense is planning , preparation and active monitoring.