Ransomware

210

Solutions

506

Contributors

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.

Share tech news, updates, or what's on your mind.

Sign up to Post

The global technology community is grateful for the team of tech professionals and their genius download of the malware domain and sinkhole use to stop the international Ransomware attack. However, this sinkhole is only a fix to one sample of the WannaCry attack. To protect yourself from further attacks, please patch your systems as soon as possible.
10
Given the global WannaCry crisis that's been developing over the last few days, this morning Experts Exchange fast-tracked the Ransomware proposed topic and made it official.

So as you discuss the impact of WannaCry, and share news and advice related to it or Ransomware in general, be sure to use the new topic in your posts, questions, articles or videos. And special thanks to all of the IT Experts that are helping to combat this menace!
10

Expert Comment

by:Daniella Barion
It's great, let's share ideas and discuss security matter.
1
WannaCry... I really wanna cry... this whole thing is insane. No, I've not been infected... nor have any of my clients. And yes, it's still possible some of my, shall I say, lesser attentive clients could be infected tomorrow or at some point in the future. But this whole thing is driving me nuts. It wouldn't be a story if IT management had taken security and patching seriously. The malware uses an exploit patched two months ago. If people patched regularly, nothing would be infected. I hate to say this - largely because the policy annoys me and has seriously inconvenienced me on more than one occasion - but this is exactly why Microsoft has started forcing Windows 10 computers to patch and reboot on a monthly (or more frequent) basis.

Let me be clear - there are thousands of new threats EVERY DAY. The way you protect yourself is by being diligent about your own security and learning to use technology / implement technology in a manner that keeps it as secure as possible. Absolute security is not possible - security itself is a balance of minimizing the threat risk and minimizing the user's inconvenience. But the way to be safe - and to protect your valuable information - is to take a tiered approach and, among other things, educate yourself/your users so they understand what to look for. Implement policies that minimize access - we're not trying to suggest your administrative assistant is untrustworthy - but do they really need access to the accounting data to do their …
18
LVL 132

Expert Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
150 Countries affected and at least 250,000 devices, and $48,000 paid so far in Ransom monies!
2
LVL 132

Expert Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
a little bit busy at present!!!!

Layer Technologies.....

1. Anti-virus
2. Patch
3. Whitelist of apps which are allowed to run!
4. Reduce Admin rights!
1
What have we learnt today about the WannaCry ransomware attack, what you should do.

1. do not block the URL KILLSWITCH - This will stop the spread in your network.

2. Make sure your Anti-Virus Definitions are up to date. 30% of Vendors had definitions updated by end of play Friday 15th May. This will stop trojan exeuting.

3. Patch Risky OS first e.g. Windows 2003 and XP, there are PATCHES available! - This will stop the payload exploit getting into the server.

4. Patch Windows 7, 8, 10, 2008, 2012 and 2016.  Check for a Security Rollup since March 2017.
5
5
5
LIVE updates on the recent ransomware attack from our CISO, Director of Security, and Chief Technologist
The news broke on Friday of a massive ransomware attack on the UK NHS and the attack has now impacted up to 200,000 organisations in 150 countries. Our security experts have received interview requests from across the globe. We want to make sure our customers and friends know exactly what happened and what they can do about it. So, on Monday (AM in the US and PM in Europe) join our brightest security minds for a LIVE panel discussion on the massive breaches and what it all means for you.
Specifically we’ll discuss:

Register HERE!

Specifically we’ll discuss:
•      Exactly what happened, how the bad guys got in, and what it means
•      Possible ways to prevent future attacks of this nature
•      Up-to-the minute updates on the situation
•      Where patch, privilege management and whitelisting fit into all this
Honestly, this is a webinar you do not want to miss. It won’t be a product pitch, but a discussion about what’s going on and how to get it fixed so we’re all safer.  

http://mkto-i0073.com/r0020I2K0ZCW5eQXb00f0F0
10
LVL 132

Author Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
it's in the LINK

5.00 PM GMT
0
LVL 132

Author Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
The event will start at 10:00 am Denver Time on May 15, 2017.
0
5
LVL 7

Expert Comment

by:Brian Matis
It sure is... Thanks for doing your part, Andy, to help get everyone paying attention!
0
Some sites in NHS England, are now considering PAYING RANSOM requests to get files back, because of NO BACKUPS!
2
Microsoft release Security Patches for Windows XP and Windows 2003, against the SMBv1 Security Exploit which the NSA have been using for years!

see

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
11
LVL 132

Author Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
Correct, and for good measure turn fire ON, and block port 445.
5

Expert Comment

by:Adrienne Morgan
I love you to death because of your words and sayings
0
This is what is on some of the NHS screens at present!

3500.jpg
0
LVL 7

Expert Comment

by:Brian Matis
:-(
0
LVL 132

Author Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
DO NOT PAY THE RANSOME!
0
0
0
UK NHS (Health Service) in Meltdown, after now 36 Trusts around the UK are now considering paying the RANSOM demands, to get data back....as they maybe have no backups!

SHOCKING .... but does not surprise me!
1
LVL 7

Expert Comment

by:Brian Matis
I can understand the desire to pay... I can imagine for many places, a $300 ransom is cheaper than the costs of restoring the backups. But doing it does set a terrible precedent that could be much costlier in the long run, since it would further embolden more hackers. Raises the question: should there be a general policy of never negotiating with hackers?
0
LVL 132

Author Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
So far $48,000 USD has been paid!

PAY NO MORE....

DO NOT NEGOTIATE/PAY WITH HACKERS! OR CRIMINAL GANGS!
0
Organizations in 99 countries are being targeted and hacked by “WannaCry” ransomware, which takes advantage of a Microsoft vulnerability. If you haven’t already, install the official patch (MS17-010) to close the affected SMB Server vulnerability.

https://www.nytimes.com/2017/05/12/world/europe/international-cyberattack-ransomware.html
5
7
LVL 19

Author Comment

by:Kyle Santos
Nice.  Thank you.
1
LVL 132

Expert Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
I blame the NSA for creating the tools!
4

Ransomware

210

Solutions

506

Contributors

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.