In Motion Networks

Urgent Ransomware Alert

Written by Scott Chester | May 15, 2017 9:46:04 AM

You may have seen the news this weekend. Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic. If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation, but immediately everyone else’s computer too.

Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it. When you see a suspicious email, click on the Phish Alert Button, which forwards this email to the IT team and safely deletes it at the same time. If you don’t have the Phish Alert button, delete the whole email. Remember: “When in doubt, throw it out!

Background

In case you haven’t heard, the NSA developed software to exploit a vulnerability they found in Windows Operating Systems. This exploit, which should have been protected like our nuclear arsenal, got into the hands of some cyber criminals and they have used it to infect over 200,000 systems worldwide. The number of infected systems is increasing as you read this! This doesn’t just install a backdoor as the NSA had designed, it uses ransomware to lock the files on your computer and other systems it can find. Your only option is to pay the ransom to get your files back or wipe the infected computers and hope your backups are working properly.

While we are taking all precautions possible on managed systems, it is imperative to not click links or open attachments in suspicious emails. If anything seems off, use the phish alert button or delete the message. If you are expecting an attachment from someone and the message content, links or attachments seem off, use another method to communicate with the sender (phone, text, etc.) and verify the content of what they sent you. You are the first and last line of defense!

If you are interested in reading more about this attack, please see Ransomware Attack Uses NSA 0-Day Exploits To Go On Worldwide Rampage.