Dangerous new ransomware released Friday


You might have seen that a dangerous new ransomware has been reported on over the weekend and I want to make sure you have all the information you need to make informed decisions about it. It has been reported that hackers are leveraging the recently leaked NSA hacking toolkit to infect and cripple systems all around the world.

The virus, dubbed ‘WannaCry’, exploits a very old vulnerability in Windows systems that allows it to spread over a network. It is so serious that Microsoft has released a patch for Windows XP to address the exploit. Microsoft ended support for Windows XP in 2014, vowing to never release an update again. The patch is security update MS17-010 provided by Microsoft on 14 March 2017. While the patch does prevent the virus from replicating, it does not protect the computer that executes the virus.

Earlier last Friday, May 12th, hackers used phishing emails to lure recipients into installing the ransomware onto their computers and networks. FedEx and other global corporations have reportedly been impacted by the attack. It is believed that the attack was originally designed to target the UK’s National Health Systems, but it quickly spilled into a variety of industries worldwide.

“Kaspersky Lab, a Russian cybersecurity firm, said it had recorded at least 45,000 attacks in as many as 74 countries.” - New York Times

Advantage Technology has not yet received reports of any customers being affected.

It has been reported that WannaCry has been stopped. However, all experts agree that this is only temporary and the impact of WannaCry as just beginning.

What should you do?

Advantage Technology recommends the following actions:

  • NOTIFY ALL employees, emphasizing how important it is to be vigilant and suspicious of any and all emails received from people or companies, even people they know.
  • DO NOT open attachments or click links in emails received from people of companies that you do not know. And be suspicious of people you do know.
  • Keep systems and software including anti-virus up to date with the latest software and security patches.
  • If you suspect you have received a phishing email, notify your IT or security manager
  • Review your backup and verify that it is running properly. Even if you do get infected, a proper backup can save you from having to pay the ransom.

What if Advantage Technology is your IT company?

It is important to understand that Advantage Technology does not do proactive maintenance unless you are part of our managed services program and we have an agreement to do so. We never make changes to a computer systems or networks without first receiving permission. If you are not one of our managed service customers, please call at 866-793-8232 to arrange for our technicians to update your computers. This is also a great opportunity to consider our managed services, we have account managers that would be happy to explain to you the services and work with you to develop a package that will keep you safe and secure and fits within your budget.

If you are already and managed service customer, feel free to call anytime to check on the status of your updates.

Whether you are an Advantage Technology customer or not, if you suspect you have been infected, Advantage Technology can help. Call 866-793-8232.

Further Reading:

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

5.12.2017 | New York Times

LONDON — Hackers exploiting data stolen from the United States government conducted extensive cyberattacks on Friday that hit dozens of countries around the world, severely disrupting Britain’s public health system and wreaking havoc on tens of thousands of computers elsewhere, including Russia’s ministry for internal security.

Hospitals in Britain appeared to be the most severely affected by the attacks, which aimed to blackmail computer users by seizing their data. The attacks blocked doctors’ access to patient files and forced emergency rooms to divert people seeking urgent care.

Corporate computer systems in many other countries — including FedEx of the United States, one of the world’s leading international shippers — were among those affected.


Massive cyberattack spreads around the globe

5.12.2017 | New York Post

A massive cyberattack leaked by malware developed by the US National Security Agency swept across the globe Friday after computer networks were locked by a program that demands $300 in Bitcoin. As many as 74 countries were hit by the sweeping cyberattack, including the US, UK, China, Russia, Spain, Italy and Taiwan.


Malware Cyberattack Hits English Hospitals and FedEx, Hackers Demand Bitcoin

5.12.2017 | NBC News

More than a dozen hospitals in England and major companies, including FedEx and Spain's largest telecom, were targets Friday of crippling malware that appeared to be part of a large-scale cyberattack across the world.

U.S. companies were being warned to gird against the threat, which reportedly blocked access to computers in exchange for a ransom.

At least 16 National Health Service hospitals and related organizations were affected in England and another five in Scotland, officials said in a statement.

British Prime Minister Theresa May said the government's cyber security arm was working with the NHS, and confirmed that "no patient data has been compromised."


12 countries hit in massive cyber-heist

5.12.2017 | Engadget

England's healthcare system came under a withering cyberattack Friday morning, with "at least 25" hospitals across the country falling prey to ransomware that locked doctors and employees out of critical systems and networks. The UK government now reports that this is not a (relatively) isolated attack but rather a single front in a massive regionwide digital assault.