As many of you will have seen on the news there was a large global Cyber-attack launched yesterday. The attack targets flaws in unpatched Windows systems by infecting them with malware known as ‘Ransomware’. Ransomware infects user machines by encrypting data and then asking for a ransom payment in order to get the data back. While this type of attack is not uncommon the difference with this particular strain is that after an initial infection the malware can spread by itself without requiring any user interaction so the potential for large scale infections impacting entire networks is high.
Machines are infected by users opening malicious attachments in e-mails, by clicking malicious links in emails or by visiting infected websites. A patch to protect against the attack was released by Microsoft in March meaning that machines that are running the latest Microsoft patches should not be impacted. Companies who do not update their systems or those running older operating systems such as Windows XP are not protected and are at a high risk of infection.
Our security vendors are releasing updates to protect against infection however it is likely that different variants of the malware will be created in the coming days and months.
Steps to take:
Contact all of your users and ask them to be highly cautious when opening attachments or clicking links in e-mails (do not include links or attachments in your e-mail to them).
Ask users to report any suspicious behaviour on their computers. Please ask them not to forward the suspicious emails but instead call if they’re unsure.
Inform IT if you have become victim to the attack.