Dear DKB Clients: Remember getting ransomware this weekend?
Of course you don’t because it never happened! DKBinnovative has your back.
This past Friday, malware known as WannaCry spread over 100 countries wreaking havoc for thousands of networks, namely shutting down much of the UK’s healthcare system. It was declared the largest ransomware infection to-date until stopped on Saturday by a ‘kill switch’ discovered in its code—however, new variants have already been reported making ‘round 2’ of the outbreak ready for attack. You can read a brief on what Ransomware is on our blog here, but concisely, it is a type of malware that encrypts data, requiring a payment to decrypt and unlock the data. The WannaCry or Wcry strain is particularly harmful because it spreads virally exploiting a known vulnerability in Microsoft Windows, unlike most ransomware which is caused by accidental download through website or email.
So why were you not impacted by this attack?
1) We patch your systems weekly so you already have the preventive patches in place for current, Microsoft-supported operating systems;
2) Webroot AV/Malware protection updates in real-time and we confirmed Friday that your systems were fully updated. More here on the protection provided by Webroot;
3) DKB uses Cisco OpenDNS ransomware protection as an added layer of protection to prevent ransomware downloads and execution;
4) Our team worked diligently all weekend to force patching all assets with the newest updates, even for Microsoft unsupported OS’s like XP and Server 2003. We did this to be extra sure our clients aren’t impacted.
Are you safe? Are there any other actions required?
Cybersecurity and the war against ransomware is a daily battle we are fighting on your behalf with a team of professionals backed by the best tools and processes to keep your systems safe and your teams productive. As updates or changes in defenses are required, DKB will respond accordingly just like we have for this threat. The steps taken above for wCry put our clients at very low risk for this particular ransomware but we need help with two items:
1) If prompted to reboot your machine because of patches applied, please do so without delay. Laptops that were powered down this weekend will receive forced patches on Monday morning and will request a reboot after applied.
2) Most security experts agree that the overwhelming majority of security breaches and infections are caused by human error with most infections spreading by email. While your company email is filtered for infections, malicious links and attachments do on occasion get through and there is little protection against personal email (Yahoo, Hotmail, etc.). When in doubt, delete. DKB is now deploying cybersecurity training that will be launched to all of our clients in coming months, so be on the lookout for this ongoing web-based training.
And lastly, Happy Mother’s day to all you mothers out there and the rest of us born to a mother (includes most of us). We’ve got your back like Mom has always had mine!
CEO | Fractional IT Officer – Productivity Enhancer – Profitability Accelerator
469.277.1961 (direct) | 1-888-DKBI-TECH (888-352-4832) | www.linkedin.com/in/keithbarthold