|
May 15 |
Alert: WannaCry Ransomware
Posted by Awang A. on 15 May 2017 10:54 AM |
|
Dear Valued Customers, We would like to inform you of the urgent ransomware outbreak that have been shutting major business offline that called WannaCry a.k.a Wcrypt. The ransomware uses a vulnerability first revealed to the public as part of a leaked stash of NSA-related documents to infect Windows PCs and encrypt their contents before demanding a ransom for the key to decrypt the encrypted files. The co-ordinated attack had managed to infect large numbers of computers across the health service around the world after it was first noticed by security researchers on 12 May 2017, in part due to its ability to spread within networks from PC to PC. In the meantime, we would like to urge system administrators to patch their systems as soon as possible and keep their users aware of the new ransomware in order to prevent them to open suspicious emails/files. System administrators and internet users may take the following preventive measures to protect their computer from ransomware infection: i. Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline; ii. Maintain up-to-date anti-virus software; iii. Keep operating system and software up-to-date regularly with the latest patches; iv. Do not follow unsolicited web links in email; v. Be extra careful when opening email attachments; vi. Follow best and safe practices when browsing the web Ransomware does not only target home users, businesses can also become infected with ransomware which can have negative consequences, including: • Temporary or permanent loss of sensitive or proprietary information; • Disruption to regular operations; • Financial losses incurred to restore systems and files; and • Potential harm to an organization’s reputation. Advisories and alerts recently issued by CyberSecurity Malaysia that needs immediate patches as a measure to prevent ransomware infection are: https://www.mycert.org.my/en/services/advisories/mycert/2017/main/detail/1262/index.html https://www.mycert.org.my/en/services/advisories/mycert/2017/main/detail/1255/index.html ======================================================================= We also would like to announce that we have successfully patched all our Windows Shared Hosting servers over the weekend. The servers have been updated with the latest Microsoft Security Update and rebooted for the new patch to be applied.
Please do not hesitate to contact our 247livesupport.biz if you have any further inquiries. Regards,
Awang A.
Technical Support Manager ------------------------------------ 247 LiveSupport Department - http://247livesupport.biz - * Thank you for using 247LiveSupport System * SUPPORT ESCALATION PROCEDURE We stand behind our products and services. If there are serious problems that are impacting your business and you are not getting help through regular channels, you can contact our CEO, Terence C. directly at ceo@247livesupport.biz. =======================================================================
UPDATE:
Please note that we blocked all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, as we all know about Uiwix Ransomware, has begun to spread by exploiting the same vulnerability in Windows SMBv1 and SMBv2 as WannaCry.
Regards,
Awang A.
Technical Support Manager ------------------------------------ 247 LiveSupport Department - http://247livesupport.biz - * Thank you for using 247LiveSupport System * SUPPORT ESCALATION PROCEDURE We stand behind our products and services. If there are serious problems that are impacting your business and you are not getting help through regular channels, you can contact our CEO, Terence C. directly at ceo@247livesupport.biz. | |