It has come to our attention that a new wave of Ransomware outbreaks has struck thousands of companies throughout Europe, Asia, and parts of the United States. CIS is monitoring the situation and will be providing ongoing updates to clients who may be impacted. As always, caution and diligence are the best answers in a situation like this. Further information for remediation and protection will be provided as new details emerge.
The malicious code is still under analysis from Security and Cyber Crimes experts from around the world. Roughly two thousand companies have reported infection, including giant enterprises such as Merck and Maersk, as well as critical government and private infrastructure in areas like power, healthcare, and emergency response. The target list also appears to include numerous small and medium sized organizations, such as law firms and accounting firms. Much like the recent “WannaCry” outbreak, the attack encrypts company data and demands a ransom; in this case $300 in bitcoin is the common demand, to unlock data.
As with any ongoing investigation, there have been numerous conflicting reports about the malware itself. At this time, we can report the following recommendations with confidence:
CIS advises clients to be diligent about rolling out any critical patches and updates released by Microsoft or other key vendors. End-user education is also increasingly important, in this scenario CIS recommends that a company-wide message be sent, reminding end-users not to click on anything in an email unless they are absolutely sure of the source and content.
We will provide further updates as more information emerges. If you have experienced a security breach, or would like to discuss any concerns or best practices approaches to IT Security, please contact us: 212-577-6033 / http://cisus.com/contact