As per all news agencies and cyber security organizations, the world is under massive ransomware attack. The ransomware spreads through Europe but specialists are sure that it will eventually spill into US.
The Digital Edge Security Team is assessing the situation and will assist all the clients and any IT organization that require cyber security help.
We feel that the threat is serious as the infection has a “hunting” functionality that is used to infect other computers that the infected computer has access to through vulnerable Windows SMB Protocol. Microsoft Windows vulnerability called EternalBlue is used by NSA tools leaked to WikiLeaks earlier. The attack might be inspired by NSA weaponry or by NSA itself.
Simply put, if a user opens a malicious email or a website on a desktop that was not patched after March 14, 2017, there is a big chance that the user’s computer will be infected and the virus will spread inside of the organization.
Please open a support ticket if you need help at: https://www.digitaledge.net/support/
- Microsoft patch must be installed: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx. (Better to install all latest updates.)
- Ensure that SMB ports are closed and perimeters are segmented.
- Disable SMB access through VPNs.
Please do not hesitate to contact us if you have questions or comments.