Mid-Day Monday Update: Global Ransomware Attack

Standard

As of mid-day Monday, May 15, 2017, the second wave of the global ransomware attack that began on Friday, May 12, 2017, does not seem to have materialized.

Unless you have been completely disconnected from the world over the last 3 days, you have heard about the WannaCry ransomware outbreak.  While a kill switch was activated on Saturday, experts remained concerned that a second wave would still hit this morning, when millions of workers came back to work and turned on computers that have been offline.

It does appear that this has happened in Asia, though Europe, where the attack began, seems to have stabilized.  The United States seems to have endured the least impact from this latest attack.  Most sources report that over 200,000 computers in over 150 countries have been impacted.  Given that there are just under 200 countries in the world, this has hit just about everyone, everywhere.

The UK’s National Health Service was the most seriously impacted on Friday.  While they have stabilized most of their systems, they are still reporting, on their home page, that some services remain suspended, though any critical care remains fully operational and people should not hesitate to go to their local emergency center.

Companies from FedEx to Nissan are reporting severe impact, though most have been able to maintain business operations despite the attack.  China and Russia have both reported some serious impact from this attack, which spared no one.  While Europe is still recovering from the attack, with some companies remaining shut down while the infection is cleaned up, the attack was mostly active in Asia, as workers returned to work and powered up their computers that had been off since before the first reports from Europe began emerging on Friday.

What is most troubling is that this attack was preventable, if people had installed a patch that was released in mid-March.  What this attack has clearly shows is that the US is ahead of the rest of the work in being proactive about installing updates to computer systems.  It also showed that while some household name large organizations were hit, in some countries, it was primarily small businesses who got hit.  This confirms a significant fear that I have long had, that most small businesses do not proactively manage their IT, thereby making themselves more at risk than those that do.

It’s best to remain on high alert and exercise extreme caution with email messages containing links and/or attachments.  I suggest verifying with any sender you receive links or especially attachments from.  This attack appears to have spread through an attachment that recipients opened.  Instead of clicking on links in email, retype the link in your web browser, or go to the home page of the site and navigate to the page the link wants to send you to.  If a link has been compromised or is masking a malicious link, this is one way to try to avoid the malicious intent.  The bottom line remains to click or open as little as possible.

The European Cybercrime Centre, Europol EC3 has released an excellent tip sheet on avoiding ransomware. Download and share this helpful tip sheet with everyone you know.

Europol Infographic

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s