Security Alert — WannaCry (AKA WannaCrypt) Ransomware

Thank you Sterling Payment Technologies for this information.

Security Alert — WannaCry (AKA WannaCrypt) Ransomware

May 16, 2017

Data security is top priority to Sterling.  We periodically send new and critical Data Security Alerts regarding security threats and best practices to help protect payment card data. Data Security Alerts may be useful in assisting stakeholders with valuable information for mitigating security risks.

On Friday, May 12, new malware was detected called “WannaCry.”  This malware is a very dangerous Trojan virus called “ransomware.”  The virus in effect holds the infected computer hostage and demands the victim pay a ransom to regain access to the files on his or her computer.

WannaCry is the most severe malware attack so far this year and is far from over.  The attack began sweeping globally last Friday,  and researchers estimate that nearly 57,000 computers in more than 150 countries were infected by end of day Friday.  As of this morning, more than 200,000 systems around the world are believed to have been infected.

What exactly does WannaCry do?  WannaCry works by encrypting most or all the files on a user’s computer.  Then, the software demands that a ransom be paid in order to have the files decrypted.  The software demands that the victim pay a ransom of $300 in bitcoins at the time of infection.  If the user doesn’t pay the ransom within three days, the amount doubles to $600.  After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.

Unfortunately, there is no fix for WannaCry at this time.  Antivirus companies and cybersecurity experts are working to find ways to decrypt files on infected computers, but it is not available right now.

What you can do:  Ransomware spreads through malicious attachments in emails, so avoid clicking on links or opening attachments from unknown sources.

Regardless of which operating system you run, you should install  all available security updates immediately.  Specifically, Windows users with machines that run Windows XP, Windows 8 or Windows Server 2003 should immediately install the security update from Microsoft that was released on Friday.

 

For more information from Microsoft, please visit this link to learn more and find security patches: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
For more information from the United States Department of Homeland Security, please visit this link: https://www.us-cert.gov/ncas/alerts/TA17-132A

This entry was posted on Tuesday, May 16th, 2017 at 1:35 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: