The ITeam Security Bulletin: WannaCry Ransomware

You may have seen the news this weekend.

Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic.

If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation but immediately everyone else’s computer too.

The initial infection was stopped on Friday, but it has since been rewritten and is again spreading in the wild.

There are 200,000 confirmed infections in over 150 countries as of this afternoon.

While most of the damage has been in Europe, Russia and Asia, there are over 6000 confirmed incidents in North America.

According to CrowdStrike’s Vice President of Intelligence Adam Meyers, the initial spread of WannaCry is coming through phishing, in which fake invoices, job offers and other lures are being sent out to random email addresses.

Within the emails is a password protected .zip file, so the email uses social engineering to persuade the victim to unlock the attachment with a password, and once clicked that initiates the WannaCry infection. Microsoft confirms this in a blog post.

Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it but delete the whole email. Remember: “When in doubt, throw it out!”

At The ITeam we work hard to ensure your networks are protected. Technology cannot stop every threat, and the last line of defence is alert and educated users.

Please share this information within your organization and outside your organization as you see fit. If your company requires IT support in Calgary, call us for a quote.