Wednesday, May 17, 2017

Ransomware Threats

Precautionary measures to mitigate ransomware threats include:
  • Ensure operating system is up-to-date.
  • Restart computer after updates have been installed.
  • Ensure anti-virus software is up-to-date.
  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
  • Scrutinize links contained in emails, and do not open attachments included in unsolicited emails.
  • Only download software—especially free software—from sites you know and trust.
  • Enable automated patches for your operating system and Web browser.
Source: U.S.- CERT
General information on ransomware:
https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
MS17-010 Security Update:
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
History:
We are continuing to monitor our systems for the WannaCry ransomware. To mitigate the threat for those individuals running Microsoft Windows operating systems apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017. Also ensure your antivirus is up-to-date. Information Security and Compliance is conducting periodic scans and sharing information with system administrators. More information is available on K-State Today.

History:

A widespread ransomware campaign, referred to as WannaCry, WCry, or Wanna Decryptor, is affecting the global community. While K-State has controls in place at the network border there are areas that make us vulnerable. To mitigate ransomware threats: Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017. Ensure operating system patches have been applied to computers. Information Security and Compliance is conducting periodic scans and sharing information with system administrators. More information is available on the K-State Today page.