Btech is continuing to follow and investigate the widespread ransomware attack known as WannaCry. (also known as WCry and WannaCryptor).
What is it?
The WannaCry ransomware attack is a malware that is primarily distributed through email phishing tactics and malicious attachment to emails. Once inside the network, the worm propagates itself throughout the network exploiting a Microsoft vulnerability. This vulnerability was first leaked in April 2017 as part of the N.S.A. breach. Microsoft released a patch to correct the vulnerability on March 14, 2017 as part of security bulletin MS17-010.
How do you protect yourself and your credit union?
This attack is another reminder that IT security is critical. The key components that would help to mitigate the risk associated with an attack like WannaCry include:
Perimeter Security - A next generation firewall, that performs deep-packet inspection and uses a subscription license to identify the latest threats, would reduce the risk of the malware entering a credit union network.
Btech clients that use the Btech managed firewall service based on SonicWall, have had security updates since mid-April to protect their network from this attack.
Email Security - An email security system that scans all email for viruses, malware, and spam would identify the malware attachment and reduce the risk of an end user infecting their computer with the malware.
Btech clients that use the Btech email security service based on Proofpoint would have had the risk of a malware attachment in an email distributed to an end user significantly reduced.
Desktop Security - A managed antivirus solution, with detailed reporting and alerts to identify at risk computers would reduce the risk of a computer being infected by the malware.
Btech clients that use the Btech managed Trend Micro service would be protected from this ransomware attack by Trend Micro's Predictive Machine Learning and Xgen Security.
Patch Management - A patch management solution ensures that the latest patches are distributed and installed, to reduce the risk of exploits like the WannaCry malware.
Btech clients who use the Btech patch management service based on Shavlik would have had the Microsoft patch, MS17-010, installed on their computers at the end of March, 2017.
Vulnerability Assessment - A vulnerability assessment scan would have identified those computers that were at risk of the WannaCry malware because of the missing MS17-010 patch.
As of today, Saturday, May 13, 2017, the latest news is that an employee of Proofpoint has found the "kill switch" to slow down the spread of this attack. Experts are already saying that another wave of attacks will happen again soon though.
This is another reminder that excellent IT security is a must for your credit union. As identified above, multiple layers of security are necessary to identify, correct, and protect against the vulnerabilities that are exploited by attacks like WannaCry.
Please feel free to contact me at email@example.com or 626-397-1045 if you have any questions, or if we can help in any way.