- The widespread malware/ransomware that was executed on Friday, May 12 is believed to be ransomware called WannaCry Decryptor. It is targeting a critical Microsoft vulnerability described in a March security bulletin. Read the full Microsoft bulletin
- This version of WannaCry infects the computer by encrypting all files
- It begins with an email phishing scam. In cases we have seen, the email subject line reads something like “6515150_Invoice” and contains a PDF attachment.
- Scrutinize all emails
- If you receive a generic or suspicious email, do not click on any hyperlinks in the message or open any attachments. This is how the malware/ransomware spreads.
- Update and patch Microsoft products as soon as possible
- Because of the widespread use of Windows products, it is recommended that you work with your application development teams, vendors and service providers to understand the scope of risk and work out a patching plan.
If you are a victim of ransomware, the FBI and other IT security experts recommend that the ransom NOT be paid. Report an incident to the Internet Crimes Complaint Center athttps://www.ic3.gov/complaint/default.aspx