In the early hours of Friday, May 12, 2017, a hack now dubbed WannaCry began spreading like wildfire. For those unaware:
Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia and the U.S., with Russia among the hardest-hit countries.
The unique malware causing the attacks — which [had] been spotted in tens of thousands of incidents in 99 countries, according to the cyber firm Avast — have forced some hospitals to stop admitting new patients with serious medical conditions and driven other companies to shut down their networks, leaving valuable files unavailable.
By Monday, the virus had reached more than 150 countries and ransomed hundreds of thousands of computers, and infected millions more. Some of the largest hospitals in the U.K. were hit, shutting down important services – keeping at least two London hospitals from admitting new, critical patients because they couldn’t access their files.
John Miller, manager of threat intelligence at the cybersecurity firm FireEye:
Given the rapid, prolific distribution of this ransomware, we consider this activity poses high risks that all organizations using potentially vulnerable Windows machines should address.
What was the common denominator between all of these computers? Their systems had not been updated with the latest critical patch that Microsoft had pushed out in March.
Tests proved that an un-patched computer connected to the internet could be infected in mere minutes. The most vulnerable systems have tended to be large deployments of computers without the patch, and those with unsecured firewalls.
As the hack continues to plague consumers and businesses alike around the world, it should serve as a fair warning to always update your computer within a reasonable amount of time.
If you’re running any of these operating systems with the proper updates, your computer should be protected:
- Windows 10
- Windows 8.1
- Windows 7
- Windows Vista
- Windows Server 2016
- Windows Server 2012
- Windows Server 2008
Computers running these operating systems are most at risk:
- Windows 8
- Windows XP
- Windows Server 2003
However, due to the high risk nature of this threat, Microsoft has taken the self-described unusual step of even patching older operating systems like those mentioned above.
Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.
You’ve read articles here before, suggesting to wait or proceed with caution on system and security updates, and that still rings true. However, there is almost never a good reason to skip a security update altogether; just one machine with outdated security can expose your entire infrastructure.
We all know that it’s good practice to avoid clicking on suspicious links and opening emails from Nigerian princes – but the only way to be sure you’re safe from malware like WannaCry is to update your systems, especially when critical security updates come around.
You can find and download the MS17-10 security update for all Microsoft operating systems, which addresses the WannaCry security exploit, by clicking here. Microsoft has also put together a detailed blog post about the ransomware with more details and technical information, for those interested in learning more.