This past weekend many corporations around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. We at Economic Computers wanted to reach out and check if this malware affected any of our customers. Please contact us if you are experiencing problems due to this or any future attacks. We have a partnership with Microsoft, which allows us to receive up to date patches and guidance for scenarios like these.
Listed below are preventative measures published by Microsoft to avoid a potential threat. This blog spells out the steps every individual and business should take to stay protected including for legacy systems like windows XP and Windows 2003. If you are not sure if your machines are updates PLEASE CALL US. This is no minor threat.
- In March, Microsoft released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
- For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.
- This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).
Recommended Actions for Customers – To Prevent
Customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March. If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible. We made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download.
- Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.
- Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.
- Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.
- Develop, institute, and practice employee education programs for identifying scams, malicious links, and attempted social engineering.
- Test your backups to ensure they work correctly upon use.
- Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86,Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86,Windows 8 x64
· Download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598