[CyberSecurity] Cyber Awareness - Ransomware Spreading Globally

OneNet Security cybersecurity at lists.onenet.net
Fri May 12 16:38:14 CDT 2017 

A ransomware campaign is currently spreading globally.  Please review the
US-CERT advisory and alert users on the increase in cyber threats.

Recommendations:

-Close ports *22, 23, 3389, TCP 139 & 145/UDP 137 & 138*

-Verify Microsoft patch is applied *(**MS17-010
<https://technet.microsoft.com/library/security/MS17-010>).*

-Have good/tested data backups (preferably not connected to the network).

Thanks,

CK

*Chris Kosciuk*

*Information Security*

Oklahoma State Regents for Higher Education / OneNet
655 Research Parkway

Suite 200

Oklahoma City, OK  73104
405 225.9440 <(405)%20225-9440> office

*ckosciuk at osrhe.edu <ckosciuk at osrhe.edu>*

>>>>>>>>>>>>>>>>>>>>>>>>>>>

US-CERT has received multiple reports of WannaCry ransomware infections in
several countries around the world. Ransomware
<https://www.us-cert.gov/security-publications/Ransomware> is a type of
malicious software that infects a computer and restricts users’ access to
it until a ransom is paid to unlock it. Individuals and organizations are
discouraged from paying the ransom, as this does not guarantee access will
be restored.

Ransomware spreads easily when it encounters unpatched or outdated
software. The WannaCry ransomware may be exploiting a vulnerability in
Server Message Block 1.0 (SMBv1). For information on how to mitigate this
vulnerability, review the US-CERT article on Microsoft SMBv1 Vulnerability
<https://www.us-cert.gov/ncas/current-activity/2017/03/16/Microsoft-SMBv1-Vulnerability>
and
the Microsoft Security Bulletin MS17-010
<https://technet.microsoft.com/library/security/MS17-010>. Users and
administrators are encouraged to review the US-CERT Alert TA16-091A
<https://www.us-cert.gov/ncas/alerts/TA16-091A> to learn how to best
protect against ransomware. Please report any ransomware incidents to
the Internet
Crime Complaint Center (IC3) <https://www.ic3.gov/default.aspx>.

https://www.us-cert.gov/ncas/current-activity/2017/05/12/
Multiple-Ransomware-Infections-Reported
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.onenet.net/pipermail/cybersecurity/attachments/20170512/795a5350/attachment.html>

More information about the CyberSecurity mailing list