IMPORTANT INFORMATION REGARDING THE CURRENT RANSOMWARE OUTBREAK
As you’ll likely have noted from recent media coverage, on Friday 12th May a new type of ransomware (named variously WannaCrypt/WannaCry/WCry) began appearing on computers running Microsoft Windows worldwide – within a matter of hours this infection spread to tens of thousands of devices across nearly 100 countries, causing significant issues for the affected organisations (including the NHS in the UK).
Whilst Friday’s outbreak was subsequently halted through the actions of security professionals, new variants have already begun to appear which cannot be controlled in the same way and that extend the risk of damage to organisational data.
What Is The Risk?
Ransomware is not new – this malicious software (malware) is designed to strongly encrypt your most important files (by targeting particular file types), at high speed, rendering them inaccessible to you. Once the files have been encrypted the application will move on to making demands for an untraceable payment using Bitcoin (an online currency) in return for the promise of a decryptor for your own data.
In this instance the ransomware has been combined with a technique (details) which allows infections to travel from one machine to another – this means that the malware spreads quickly between connected machines, such as on a company network. It is this combination which has made the outbreak so widespread and the impact so visible.
A number of defences are available - Microsoft began protecting against this combination of vulnerabilities using a security patch which became freely available in March 2017 (details). This family of patches provides cover for all currently supported versions of Windows (Windows Vista/Server 2008 or newer), but Microsoft have taken the uncharacteristic step of also providing patches for Windows XP/Server 2003 as a service to their customers.
Further information on the outbreak, as well as suggestions from the UK National Security Cyber Centre are available here:-
• Latest Statement
• Briefing – Protecting Your Organisation From Ransomware
What can you do?
There are 3 courses of action that we strongly recommend – both within an organisation, and for home/consumer users
1) Ensure that Windows Update has installed all recommended patches, or download and install the specific patch which suits your Windows version which closes the vulnerability that the current outbreak takes advantage of (details here, see below)
2) Ensure that your desktop/server antivirus product is up to date, and run a scan
3) Ensure that you have a backup for your data which is not accessible/vulnerable to ransomware, or if you don’t have a backup take steps to make one as soon as possible
4) Remain diligent when opening emails (and particularly attachments) from correspondents that you don’t recognise (fake or ‘phishing’ emails are a regular source of malware, part of a chain of events that can lead to ransomware arriving on your machine)
How can we help?
If you are a customer using our hosted services, please be assured that we are already defending against these vulnerabilities (just as you’d expect).
If you’re a customer who entrusts us with support for your servers and/or workstations, we will in touch with you to discuss your situation as a matter of priority throughout Monday. For many, the necessary steps will already have been taken.
If you are a PAYG customer and/or a customer with machines which you’re managing yourselves, we’d like to provide the following list of links which may be useful to you in finding the correct security patch against the vulnerability being used by the current WannaCrypt outbreak:-
Vulnerability Operating System Download Link
MS17-010
Windows 10 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606
Windows 10 x64 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606
Windows 8.x http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216
Windows 8.x x64 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216
Windows 7 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215
Windows 7 x64 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows Vista http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012598
Windows Vista x64 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012598
Windows Server 2012 R2 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216
Windows Server 2012 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012217
Windows Server 2008 R2 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215
Windows Server 2008 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012598
Windows Server 2008 x64 http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012598
Windows Server 2003 http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-enu_f617caf6e7ee6f43abe4b386cb1d26b3318693cf.exe
Windows Server 2003 x64 http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe
If you need assistance with any steps recommended above to defend against with this outbreak please get in touch:-
• Email: support@entrustit.co.uk
• Phone: 0330 002 0046
Subscribe here!
Recent Posts
Posts by tag
- technology (124)
- Security (98)
- cyber security (86)
- IT Security (83)
- Cloud (66)
- Microsoft 365 (64)
- modern technology (63)
- Managed Service (62)
- business (60)
- cloud computing (59)
- IT support (58)
- cyber attack (54)
- workplace (54)
- Microsoft Teams (53)
- cloud it (53)
- microsoft (52)
- Working from home (50)
- productivity (48)
- office (46)
- cybersecurity (44)
- office 365 (44)
- IT (41)
- entrustit (39)
- Uncategorised (38)
- employees (38)
- flexible work (36)
- Password Security (35)
- Remote (33)
- efficiency (31)
- Hosted Workspace (30)
- hosted desktop (30)
- schools (29)
- independent schools (28)
- school ict (27)
- collaboration (26)
- 2023 (25)
- Cyber (25)
- it support bournemouth (23)
- public cloud (23)
- cyber privacy (22)
- computing (21)
- email security (21)
- it support dorset (20)
- password (20)
- entrust (19)
- passwords (19)
- hosted applications (18)
- VoIP (17)
- cloud voip (17)
- covid19 (17)
- hacking (17)
- it support hampshire (17)
- private cloud (17)
- data (16)
- teamwork (16)
- Coronavirus (15)
- GDPR (14)
- cloud cctv (14)
- hackers (14)
- office 365 support (14)
- ransomware (14)
- IT audit (13)
- Protection (13)
- cctv (13)
- covid-19 (13)
- hack (13)
- it consultancy (13)
- it consultancy bournemouth (13)
- it support southampton (13)
- management (13)
- network (13)
- Hosted Desktop and Applications (12)
- Windows Virtual Desktop (12)
- hardware (12)
- hybrid cloud (12)
- internet (12)
- it consultancy hampshire (12)
- it support winchester (12)
- 2020 (11)
- 2022 (11)
- Microsoft Planner (11)
- internet safety (11)
- it consultancy dorset (11)
- msp (11)
- IT costs (10)
- data breach (10)
- it consultancy southampton (10)
- phishing (10)
- vulnerabilities (10)
- windows (10)
- windows 10 (10)
- Backup (9)
- bitwarden (9)
- digital (9)
- telephony (9)
- attack (8)
- communication (8)
- desk phone (8)
- education (8)
- eu (8)
- planning (8)
- software (8)
- staff (8)
- uk (8)
- Google (7)
- Hampshire (7)
- OneDrive (7)
- awards (7)
- infrastructure (7)
- mobile (7)
- offsite backup (7)
- outsource (7)
- partnership (7)
- 2019 (6)
- Apple (6)
- Bournemouth (6)
- Dorset (6)
- IT Director (6)
- Skype for Business (6)
- apps (6)
- architect (6)
- child protection (6)
- cloud storage (6)
- european union (6)
- hacks (6)
- legal (6)
- legal it (6)
- mobile phones (6)
- onsite backup (6)
- password manager (6)
- remote desktop service (6)
- usecure (6)
- virus (6)
- 3d design desktop (5)
- Azure (5)
- Desktop (5)
- ISO (5)
- News (5)
- Risk assessment (5)
- Windows 7 (5)
- brexit (5)
- designer (5)
- personal data (5)
- resources (5)
- smartphone (5)
- surrey (5)
- website (5)
- Access Management (4)
- BYOD (4)
- Case Studies (4)
- Facebook (4)
- Government (4)
- Microsoft Forms (4)
- SharePoint (4)
- VPN (4)
- WannaCry (4)
- artificial intelligence (4)
- ios (4)
- law (4)
- legacy (4)
- proactive (4)
- remote learning (4)
- 2021 (3)
- 2024 (3)
- AI (3)
- Attacks (3)
- General (3)
- Google Drive (3)
- Help (3)
- IP (3)
- Local (3)
- Microsoft Copilot (3)
- NHS (3)
- New Forest (3)
- Tiva (3)
- Zoom (3)
- award winning (3)
- big switch off (3)
- budgets (3)
- citrix (3)
- closed cloud (3)
- ddos (3)
- digital hub (3)
- disaster recovery (3)
- guide (3)
- innovation (3)
- instagram (3)
- internet of things (3)
- meetings (3)
- sme (3)
- storage (3)
- teaching (3)
- trump (3)
- twitter (3)
- united kingdom (3)
- 2016 (2)
- 2018 (2)
- CAD (2)
- ChatGPT (2)
- DR (2)
- DR planning (2)
- Environment (2)
- Firewall (2)
- GPT-4 (2)
- Gen Z (2)
- ISBA (2)
- Macs (2)
- Mr Mulligans (2)
- PaaS (2)
- Sydenhams (2)
- Thames Valley Tech & Innovation Awards (2)
- The Business Magazine (2)
- afc bournemouth (2)
- afcb (2)
- android (2)
- bcs (2)
- berkshire (2)
- broadband (2)
- camcloud (2)
- computer performance (2)
- copilot (2)
- copilot pro (2)
- digital transformation (2)
- downtime (2)
- dropbox (2)
- exhibition (2)
- finalist (2)
- legalex (2)
- london (2)
- macos (2)
- online meetings (2)
- organisation (2)
- paypal (2)
- predictions (2)
- president (2)
- serval systems (2)
- solent (2)
- strategy (2)
- us (2)
- video conferencing tools (2)
- wireless internet bournemouth (2)
- 1998 (1)
- 5G (1)
- AI CCTV (1)
- AMD (1)
- ARM (1)
- Abbey Hill (1)
- Aldwickbury Park (1)
- BBC (1)
- BGL Company (1)
- BUNKERS! (1)
- Birchwood Park (1)
- Bourne Group (1)
- Burhill (1)
- Burhill Group (1)
- Burnout (1)
- CEO (1)
- Central South Business Awards (1)
- Cloud VMS (1)
- Cloudtango (1)
- Dorset Chamber (1)
- Go Integrator (1)
- Growth 100 (1)
- Harvey Jones Kitchens (1)
- High Growth (1)
- Hoebridge (1)
- Ignite 2018 (1)
- Ignite 2020 (1)
- Leaders (1)
- Loop (1)
- MFA (1)
- MSP Select 2024 (1)
- Market (1)
- May (1)
- Multi Factor Authentication (1)
- MyAnalytics (1)
- Ninja Warrior UK (1)
- PBX (1)
- PM (1)
- Power BI (1)
- Privacy Shield (1)
- Ramsdale Park (1)
- Redbourn (1)
- Regulation (1)
- Reid Steel (1)
- Surrey Business Awards (1)
- Tech Company of the Year (1)
- Tech Growth (1)
- Thames Valley (1)
- Thornbury (1)
- WCry (1)
- WannaCrypt (1)
- Wifi (1)
- Wycombe Heights (1)
- acquisition (1)
- ashley madison (1)
- award (1)
- b2b (1)
- bandwidth (1)
- battersea (1)
- beach (1)
- big data (1)
- bloatware (1)
- blockchain (1)
- brand (1)
- builders merchant (1)
- cambridge analytica (1)
- canada (1)
- cia (1)
- clinton (1)
- cnn (1)
- copyright (1)
- cryptocurrency (1)
- dark web (1)
- dkim (1)
- dmarc (1)
- dns (1)
- donald (1)
- dyn (1)
- eagle eye networks (1)
- east grinstead (1)
- election (1)
- equality (1)
- executive order (1)
- farnham (1)
- fax (1)
- football (1)
- gchq (1)
- grinstead (1)
- intel (1)
- intelligence (1)
- josh widdicombe (1)
- landmarks (1)
- learning (1)
- legal technology forum (1)
- machine learning (1)
- meltdown (1)
- millennials (1)
- mirai (1)
- no-deal (1)
- number plate detection (1)
- onsite (1)
- paper (1)
- patisserie valerie (1)
- performance reviews (1)
- pound (1)
- premier league (1)
- procrastination (1)
- reading (1)
- recruitment (1)
- research (1)
- sharefile (1)
- smishing (1)
- snowden (1)
- solent business awards (1)
- solentBA (1)
- spectre (1)
- spf (1)
- sterling (1)
- storm (1)
- talktalk (1)
- trumppresident (1)
- ukitawards (1)
- united states (1)
- usa (1)
- vault 7 (1)
- vitality stadium (1)
- whatsapp (1)
- white (1)
- white house (1)
- wikileaks (1)
- wireless internet southampton (1)
- women in business (1)
- xiongmai (1)
- year (1)