This alert is Critical.
Critical alerts describe events that unexpectedly impact a large number of people, such as major service outages.
WannaCry Malware – What You Need To Know
Over the past few days, the media has been reporting on the “WannaCry” or “WannaCrypt” ransomware worm spreading throughout various organizations around the world. One of the many initial worldwide targets was the British National Health Service but we have had reports of some organizations in the city of Richmond seeing the malware attempting to execute on systems. This attack is widespread, with as many as 70 countries reporting to have seen the malware on various systems.
What is Ransomware? Ransomware is a type of malicious software, or malware, that covertly and illegally encrypts files. This encryption will prevent the computer owner from accessing their own files until they pay a ransom for safe recovery. Typically, ransomware gets onto a system through clicking on a malicious website link OR a link in a phishing and spam email.
What Makes WannaCry So Bad? WannaCry differs from traditional ransomware because once it gains access to one system, it attempts to spread to other systems through a particular vulnerability in the Microsoft Windows operating system. So not only can it lock the system owner out of their own files, but it can travel through the network doing the same to others if their systems are vulnerable.
What Systems Are Impacted? Currently, only systems running Microsoft Windows, including those listed below, are affected. Devices running Apple, Google, or Linux operating systems are not known to be vulnerable to this attack:
-Microsoft Windows XP
-Microsoft Windows Vista SP2
-Windows Server 2008 SP2 and R2 SP1
-Windows RT 8.1
-Windows Server 2012 and R2
-Windows Server 2016
How do I know if I am vulnerable? Microsoft released a patch for the WannaCry exploits vulnerability (MS17-010) back on March 14th, 2017. If Windows Automatic Updates OR another patching mechanism are not enabled by your system administrator, you may not have received the patch. Please contact your Desktop Support Technician or Administrator if you need further information on this.
Windows administrators can find the patches for manual deployment as follows. Be sure to get the cumulative update pack:
For further Information, please can see the security bulletin for the MS17-010 patch here.
Note: Thanks for Rob Toback in the Information Security Office for providing content for this post.
Updated at 1:10 p.m. to include the link for Windows XP update.