The WannaCry ransomware campaign launched late last week has affected organizations across multiple sectors in as many as 74 countries. The campaign is thought to be gaining access to enterprise servers through either Remote Desktop Protocol (RDP) compromise or through the exploitation of critical Windows SMB vulnerability, with one possible infection vector being phishing emails. A ransomware attack on your institution could be devastating with impacts including:
- Temporary or permanent loss of sensitive or proprietary information,
- Disruption to regular operations,
- Financial losses incurred to restore systems and files, and
- Potential harm to an organization’s reputation
A recent alert from the United States Computer Emergency Readiness Team (US-CERT) has additional information about this threat, including steps for prevention and remediation, which can be viewed here: https://www.us-cert.gov/ncas/alerts/TA17-132A.
To view additional alerts and/or tips for common security issues visit https://www.us-cert.gov/ncas ; interested parties can also sign up here to receive alerts to their inbox.