Crying Because of WannaCry? You're Not Alone.

May 16, 2017 by Alex Collins, IT Services Consultant

As many are aware, a new ransomware attack was discovered last Friday afternoon that has impacted over 10,000 organizations in over 150 countries. This new variant has a much more destructive payload due to its ability to spread across networks by exploiting a critical vulnerability in Windows computers.

Where Might I Still Be At Risk?

Any endpoint system that may not have the multiple layers of protection of unified management.

If not covered, at minimum ensure you have a 3-pronged defense for your systems:

  • Anti-virus software – active and up to date.

  • Patching – ensure that your Windows systems have all the latest critical patches installed

  • Backups – Ensure you have a backup solution in place and more importantly perform regular test restores of data.

Education & Vigilance is Critical

91% of cyberattacks begin with a spear phishing email and 96% of executives are UNABLE to distinguish a phishing email from a legitimate one 100% of the time.  The WannaCry variant is spread through spear phishing. This initial version will likely spawn variants that will be smarter and try to avoid these traditional protections.

Formal End User Awareness Training

Many organizations are now mandating a formal End User Awareness Training program which can reduce an organization’s security risk by as much as 70%. Incorporating a security awareness testing and training program will be critical to long term success of decreased malware infections today and tomorrow. Services such as All Covered Advanced Security can help implement such programs.

Continued Vigilance

In addition to a formal education program, the single most effective tool today is constant vigilance.

  • PHISHING EMAILS: MOST infections come from users clicking on links in emails. Attackers are very sophisticated and know how to bypass standard SPAM filters. Here is how to identify a phishing email:

    • RECIPIENT ADDRESS: The recipient shows a reputable name like a banking institution or another corporate employee. If you hover over the recipients email address with your cursor you can verify if it is coming from their valid address.

    • GRAMMATICAL ERRORS OR TONE: Is the tone of the content unprofessional or unusual? Are there odd grammatical mistakes?

    • LINKS: BE VERY WARY OF ANY LINK IN AN EMAIL. If you think the email is from a reputable source, first hover over the link with your cursor and verify that the full address is from a recognizable domain. Oftentimes these addresses are spoofed and either the domain name (typically the company name) or top level domain (.com, .org) is from a foreign country.

  • WEB SITES: Many websites are now being corrupted through content on web pages or through banner ads. Do not click on pop-ups or suggested links in news articles or familiar sites that is not directly related to the reason you have visited the site.

If you would like more information on instituting a formal End User Awareness Prevention Program, or have any questions or concerns, contact All Covered.