New ransom ware makes you “wanna cry”! Bennett has the tools to help.
A lot of information is coming out about the latest Wanna Cry virus. A couple of things to note, that are currently not widely reported:
- Most of the “hacks” that took place late last week were in China, India and Russia. Some reports are saying that as much as 60% of these countries are running pirated or stolen copies of Windows. A high percentage of pirated Windows software cannot get patches on a regular schedule. Most experts agree that this is why it moved so fast throughout these countries.
- The vulnerability that Wanna Cry is using, is typically not open to the internet for access in the US. Hackers can easily use a port scanner to find machines on the internet that have port 445 open and attack those machines. It uncommon for US companies to have port 445 open to the internet, and this is another reason why the rest of the world was affected more severely.
- As this attack matured, it is suspected to have started spreading through email, which relies on the typical email and firewall scanners to protect networks. The attack has slowed down as the link in the code was made unavailable (through a kill switch).
So what can we learn from Wanna Cry? Good security practices can help in mitigating these attacks. Microsoft released a patch to protect against the vulnerability in the Wanna Cry ransomware in March. They also released a patch for unsupported operating systems over the weekend. Patching alone will not protect you, as email continues to be a preferred method of entrance into a network. Even when protections are in place they can’t be 100% guaranteed because links and attachments can be disguised as normal business communication and may still be opened.
We want to make it easy for you and your staff to verify emails that are questionable, so we have setup firstname.lastname@example.org which will be monitored from 7am to 7pm. You may forward your questionable email to this address, and Bennett customers can expect a response from a technician within one business day verifying its legitimacy.
If you receive an email with a hyperlink you can hover (without clicking) over the link to see where it leads. When it comes to your email – question everything before clicking.
If you are having problems keeping your devices patched or need help keeping your network safe, please let us know. We can customize a service product to help. Call 320-214-3878 and a technician will help you.
Bennett Support Team