Last week, tens of thousands of organizations worldwide were brought to their knees by a large-scale ransomware cyberattack called WANNACRY. River Run clients were unaffected, thanks to our advanced network monitoring and support services.
This global attack used a tool stolen from the National Security Administration (NSA) and exploited networks where TCP port 445 was exposed to the internet. We learned about WANNACRY early in its deployment and took immediate action to prevent it from affecting our client networks:
- Our standard practice with our clients is to not leave TCP port 445 exposed to the internet – so their networks were protected even before this attack occurred.
- We reviewed the known details of WANNACRY and its variants and updated CryptoDetect’s ruleset to detect it.
- Clients using our Automated Remote Management Service (ARMS) are now having this software updated so it is not vulnerable to future ransomware attacks from WANNACRY.
We are continuing to monitor our sources for any new developments with WANNACRY.
CRITICALLY IMPORTANT: UPDATE YOUR OLDER VERSIONS OF WINDOWS
If you are using older versions of the Windows operating system – specifically Windows XP, Windows 2003 or Windows 8 – you still may be vulnerable to attack. Even though Microsoft no longer supports these older operating systems, it released a patch to protect them against WANNACRY.
We urge you to take these updates seriously – news reports of WANNACRY’s impact said that the healthcare industry bore the brunt of the first attack. Why? Because they are notoriously slow to migrate away from outdated operating systems.
Do not let this happen to you. Contact us today at 414-228-7474 to talk about your options.
Share this article