On Friday, May 12, organizations all around the world were victims of ransomware attacks. Cybersecurity experts tracked more than 200,000 coordinated ransomware attacks in over 150 countries. Ransomware locks the files on an infected computer rendering them inaccessible. The victim is then instructed to pay the hackers a “ransom” before the files can be unlocked. The British National Health System was one of these victims, causing hospitals across the United Kingdom to turn away patients. Other victims included Russia’s Interior Ministry and Telefonica (one of the largest private telecommunications companies in the world). The attackers demanded ransoms of only $300, indicating that their goal was to infect as many organizations as possible – irrespective of size. Even small and mid-sized organizations were targeted.
On Sunday, May 14th a new strain of ransomware was released by criminal hackers. Both versions can spread itself automatically across all workstations in a network, causing a global epidemic. If users or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation, but immediately everyone else's computer too. After the initial infection the ransomware will automatically spread itself to unpatched systems or systems with open shares. The patch to prevent the automatic spreading was released by Microsoft in March 2017, protecting those who had already updated their systems and did not have open shares. Open share are folders that are accessible to anyone on the network.
What Should I Do Now?
For more information on how Eide Bailly can help you protect your infrastructure, click here.