Late last week the world awoke to a massive attack on an exploit found on unpatched systems. This was a known vulnerability that Microsoft patched weeks ago, however those who were still using old operating system versions or had a poor patch management strategy, were caught in this extortion trap. (the patch was released in March and is called MS17-010). The vulnerability allowed bad guys to leverage an exploit called EternalBlue that was in Microsoft’s code to release the malware (This exploit was believed to have been developed by the National Security Agency), which would start encrypting your files and the demand a ransom of several hundred dollars in BITCOIN to release the unencrypting code back to you.
Here is what happened: The bad guys (not sure who yet) knew about the bug through leaked NSA data and waited until a targeted date to release a virus that they created (Ransomware) to all those whose data security systems were vulnerable. Unfortunately, International telecommunications companies, European Natural Gas and Power companies, German Rail system, Universities, Fed Ex and countless others were not properly patched and fell victim to this WannaCry ransomware.
What has been done: Managed clients of F1 solutions have already been patched weeks ago. We tell you to log off at night but leave you computers on, so we can deploy patches like this to install. We ran a scan of all devices that we manage that did not have the patch and out of 5000 users only found 4 computers that had not received the patch due to computers being offline. Those clients have been communicated with and the patch released. This is part of the invaluable service that F1 Provides our clients in its support program.
What should you do: If you have a computer that is in storage and that has not been online in the last 30 days, we recommend that you address this. If you have computers that connect to your network, that are not managed by F1 we highly suggest that you ensure your system has received the patch above.
Train your staff: Always remind your staff to not click on any attachments or links that are not trusted. When in doubt: don’t click, contact the sender of the e-mail and ask if it is legitimate. Remind your staff the importance of leaving your computers on but logged off for patching purposes. When you take your laptop on the road, it is okay to turn off. When you turn it back on, the patches will be deployed though our management agent.