The WannaCrypt Virus is Rampantly Spreading across the Globe
iuvo Technologies is constantly working to get ahead of all security threats and the WannaCrypt Virus (a particular strain of a crypto locker type of virus) has recently spread rapidly on systems that have not been proactively kept up to date. As part of our normal protocols, we have identified the threat, analyzed systems that may be affected and worked with our customers to communicate the threat and automate their protection. This issue is serious enough, that we feel strongly to communicate this to the community so that they can prepare and prevent this from affecting their systems.
Most modern operating systems like Windows 10 may be less susceptible by this attack however any Windows operating system, including Windows 7, 8 & 10 as well as Server 2008 that have not been patched via Microsoft's standard patching mechanisms after March 14th may be vulnerable. Older systems that are no longer in standard support (Windows XP, Windows Server 2003, Windows 8) are not automatically protected. Normally Microsoft would not even provide patches for these legacy systems, but due to the severity of this vulnerability, they took the unusual step of providing patches for manual deployment.
Some users may be running older (legacy) operating systems because of software compatibility or other business reasons that may leave them vulnerable.Fortunately, iuvo Technologies has worked with our customers to ensure a minimum number of these legacy systems are operational, and that all systems are patched as regularly as possible. This emphasizes our process and Technology that we use to manage and mitigate these vulnerabilities.
It’s worth noting that the US is benefiting from a bit of luck in this particular case as an infosec group stumbled upon a “kill switch” in the virus, so future internet-connected systems that get the virus will most likely not become infected by this particular strain. There are unconfirmed reports, however, of a strain of the virus without the kill switch. Whether or not this is true, it is certain to become an actuality in short order, and therefore the vulnerability must be patched as soon as possible.
As always, we cannot stress enough the importance of removing legacy systems from your infrastructure environment and ensuring regular patching. It’s also a good time to mention that there are certain backup solutions (such as Datto Siris) that not only provide extremely rapid recovery from these kinds of events, but can even detect the presence of encrypted files on your systems and alert you. Let us know if you’d be interested in evaluating one of these products and we’ll be happy to work with you.
For more detailed information on the vulnerability, please see the links below:a
· Excellent Summary article from The Register (with links to additional information)
· Customer Advisory from Microsoft