Wanna Cry?

Brittany Pescetto Blog

WannaCry Ransomware

What you need to know

Ransomware is a malicious software that locks your data until you pay a “ransom” to retrieve it. Last week, to the terror of many business owners, WannaCry ransomware spread rapidly to over 150 countries, leaking tons of data and rendering many banks, hospitals and universities, and governments helpless against encryption.? WannaCry’s asking price? $300 in Bitcoin, a price that doubles if no payment is submitted within 3 days. But the FBI cautions, regardless of the amount you sink into Bitcoin, the probability of cyber criminals decrypting your treasured data is highly unlikely, and could inadvertently fuel and fund further attacks.

Findings show cyber criminals used a leaked NSA hacking tool forged from a Microsoft flaw, in combination with their own ransomware, allowing them access by exploiting a Windows vulnerability. Once one computer falls victim, the worm-like malware proliferates, encrypting files and folders on local drives, backup drives, and other computers on the network.

Why patching is pressing

Many cybersecurity experts suggest phishing to blame, but after pouring over 1 billion e-mails, IBM Security’s Caleb Barlow said researchers have come up empty handed, and as FBI Cyber Division Assistant Director James Trainor warned in April of last year, some cyber criminals don’t need e-mail to gain access.? On March 14th Microsoft issued a patch to fix the flaw exploited by WannaCry. The lack of a source lead many to believe delayed patching granted entry to the cyber criminals.

?These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers,? Trainor explained.

As this week comes to a close, affected businesses are scrambling to recover and while others ensure all patches are up to date.

In a blog post on Sunday, Brad Smith, president and chief legal officer at Microsoft shed light on the severity of the breach.

“The governments of the world should treat this attack as a wake-up call, Smith scolded.”
“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”

How can I protect my data?

  • Patch

    One of the main reasons why intrusions happen is because security software is out of date. Security companies do a good job of keeping pace with hackers, but if you don?t promptly apply applicable patches, you leave your entire IT infrastructure at risk of exploits.

  • Educate

    Proactively educate employees on the importance of due diligence. Train staff on how to identify malicious links, emails and pop-ups. If you’re not sure, DON’T CLICK!

  • Back Up

    Frequently back up data or projects on a separate network in preparation for a disaster. An in-house backup system isn?t enough. Unless you have an ongoing backup of your entire IT infrastructure in redundant, offsite data centers, your business is as risk.

  • Newberry's Secure Cloud

    Pass off the cost of managing and maintaining computing infrastructure. With Newberry’s secure cloud, gain full backup of your files to the cloud and fast restoration of backed up files, complete with file revisions.

US-CERT Security Alerts


The Newberry Group Corp HQ | 10461 Mill Run Circle, Suite 200 | Owings Mills, MD 21117
Columbia | 6750 Alexander Bell Dr Suite 100 | Columbia, MD 21046
Georgia | 2300 Lakeview Parkway Suite 700 | Alpharetta Georgia 30009
Virginia | 11720 Sunrise Valley Drive Suite LL-01 | Reston, VA 20191
Phone: (866) 725-8674 | Fax: (636) 928-8899 | Email: info@pantheratech.com
Copyright 2005-2017 The Newberry Group. All Rights Reserved.