A ransomware outbreak, WCry, has been spreading around the globe. Even days after the attack the threat is still real. What can you do?
The threat is still real even several days after the initial WCry attack launched on Friday afternoon (12 May). Systems are still vulnerable, "mutations" of the initial virus are appearing, and organizations need to be active and raise awareness to prevent further infections.
There has been an outbreak of ransomware WCry, also referred to as WNCry, WannaCry, WanaCrypt0r or Wana Decrypt0r, which is spreading globally. This ransomware is leading to the following:
Like most of the ransomware attacks this is coming through email attachments. Initial assessments are showcasing that once infected, the ransomware spreads through a remote code execution vulnerability in Microsoft Windows computers: MS17-010.
The vulnerability MS17-010 is also known as ETERNALBLUE, for which a patch is available.
The following immediate measures should be taken:
As for other cyber threats and incidents, the "people, process, technology" approach is a very important aspect in preventing this from happening at your organisation and responding to this if it should happen. The following should be considered:
Should you need any additional information or require assistance with the above, please reach out to KPMG, our team of cyber experts is ready to help.