An extremely worrying development has occurred in the cyber-security world over the weekend with a major ransomware attack that is reported to have affected over 200,000 computer systems in at least 150 countries at time of writing. The National Health Service (NHS) in the UK has had at least sixteen medical centres/trusts impacted so severely that planned surgeries were cancelled and locations closed. In addition to government organisations several private companies have reported also being affected including multi-nationals such as Nissan and Renault who were forced to halt production in their UK and French factories respectively. Currently at least twelve organisations within Australia have reported that they are affected by this particular attack.
At least twelve organisations within Australia have reported that they are affected by this particular attack
It is not confirmed what the source of the initial ‘WannaCry’ ransomware attack was, however the method used to gain access to its victim’s systems is known. The malware used a previously identified exploit (that had been officially patched by Microsoft in their March 2017 update for Windows) to gain access and then encrypt the filesystem in typical ransomware fashion.
The malware used a previously identified exploit to gain access and then encrypt the filesystem in typical ransomware fashion
‘WannaCry’ ransomware relies chiefly on exploiting vulnerabilities in Microsoft’s implementation of the Server Message Block (SMB) protocol. All users using unsupported Windows Operating Systems should be considered vulnerable. Due to the severity of the situation Microsoft made the unprecedented move to release security updates for their previously unsupported operating systems.
All users using unsupported Windows Operating Systems should be considered vulnerable
To help prevent the ‘WannaCry’ ransomware from affecting your organisation it is advised to ensure that all system security updates are enabled and kept up to date in a timely manner. It is also important to ensure that any internet connected devices in use are not using an unsupported version of operating systems (such as XP or Windows 7) as these are considered an extreme risk.
It would also be beneficial to seek the services of cybersecurity organisations to help identify and mitigate any remaining vulnerabilities in your organisations systems.
For further information on the impact of WannaCry and services we provide to help mitigate all types of Malware do not hesitate to contact Agilient.
The Agilient Team