This is an ACTIVE EMAIL THREAT – PLEASE FORWARD TO YOUR NETWORK USERS.
On Friday, May 12, 2017, cyber criminals released what has been the most malicious ransomware attack in history. The ransomware named WannaCry has infected over 10,000 organizations in over 150 countries so far. Several European health systems and major manufacturers were forced to shut down by the initial wave on Friday. To compound matters, at least two new strains of WannaCry have been released since Friday as the cyber criminals continue to leverage this latest threat.
WannaCry starts as an email message that may appear to come from someone you know or from an unknown source. If a malicious link is clicked or an attachment is opened, the ransomware encrypts all documents on the computer and attached drives. What makes this new ransomware unique and so nasty is that it also exploits a Windows vulnerability to spread across connected networks as a worm, infecting other computers. The vulnerability that this worm exploits was brought to light as part of the WikiLeaks dump of NSA documents from April 14 of this year. Once infected, a message will appear that your files are encrypted and a ransom must be paid to get your files back.
Since the initial news broke of this unprecedented ransomware attack, we have been verifying patches are applied and ensuring that layers of protection are in place and operating properly. WE ALSO NEED YOU – to be aware of suspicious email messages and to leave systems on overnight so that we may keep them up-to-date.
Businesses that are not currently Integrity clients should take action.