Keystone has been closely watching the outbreak of the WannaCry ransomware that has made global news. We have had no client issues related to this to date and want to make you aware that the tools we deploy will block this variant of WannaCry. We reduce the risk with firewalls, anti-virus, and patching policies (applying security updates, etc.). However, there are no guarantees on complete protection, although we wish there were. This is due to several factors out of our control including end user actions, new viruses, or other attacks being released daily.
The good news is, as patches and fixes are released we take steps to ensure they are applied to our client environments. Keystone maintains servers for critical updates. We keep end user workstations secure by using automatic updates from Microsoft. If end users see a message regarding Windows restarting for an update, they should restart as soon as time allows. Our user support team is ready to respond to any issues that may occur.
We will continue to be diligent in our efforts to protect you and your important data. If you have questions, please contact your Account Manager.
More information on the WannaCry ransomware can be found below:
Security Bulletin Summary:
This government security bulletin Threat Name: Ransom-WannaCry (also known as WCry, WanaCrypt and WanaCrypt0r). Initial reports indicate that WannaCry Ransomware has been gaining access to enterprise servers through the exploitation of a critical Windows vulnerability.
What does the WannaCry ransomware do?
WannaCry searches for and encrypts files and appends “.WCRY” to the end of the file name. It asks users to pay a US$300 ransom in bitcoins. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days, the encrypted files will be deleted.