On May 12, 2017 a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware began spreading widely, impacting a large number of organizations, particularly in Europe.
Wcry is demanding a ransom of $300 to $600 in Bitcoin to be paid by May 15, or, in the event that the deadline is missed, a higher fee by May 19. The messages left on the screen say files will remain encrypted. It’s not yet clear if there are flaws in the encryption scheme that might allow the victims to restore the files without paying the ransom.
Our proactive customers received immediate deployment of MS17-010 which fixes this vulnerability. For future protection please contact us and request your quote on A1 Automation and Management as well as S1 Security Management which includes automated critical update management.
You should also be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on Web links.
If you have seen nonstandard activity and believe your information may have been exposed, please contact your IT support immediately or contact us at email@example.com or by phoning 08611 38658.
We have in recent months been deploying mitigation steps at many of our customers of which the following are the most effective countermeasures to the Ransomware threat:
- Mimecast Targeted Threat Protection (scans attachments for weaponised content as well as scan website links which can attempt attacks) – https://www.mimecast.com/products/email-security/targeted-threat-protection/
- Sophos Intercept X (detects, blocks and reverses Ransomware and abnormal activity) – https://www.sophos.com/en-us/products/intercept-x.aspx
For more information on the above protection, contact us at firstname.lastname@example.org.
Remain vigilant and we will ensure that you are provided with the best protection and tools to protect your business.