Ransomware Attacks Critical Systems Worldwide

Many organizations across the globe were victims of a malicious software attack on Friday. “WannaCrypt” is a type of known attack which locks and prevents access to critical systems and information. Both Microsoft and KiZAN have been monitoring the developments closely, and we want to share the information and the resources that are available.

• Firstly, Microsoft worked aggressively to ensure the attack was understood and took all possible protective actions. Additionally, Microsoft is using the MSRC blog - Customer Guidance for WannaCrypt attacks- to post information and resources in a single location. This up to date information will help our clients respond appropriately to this latest threat.
  
  
• Secondly, if you have not already done so, it is critical that you immediately deploy the security update associated with Microsoft Security Bulletin MS17-010. Customers that have automatic updates enabled or that have deployed this update already are protected from the vulnerability these attacks are trying to exploit.

Malware Detection

• Windows Defender, System Center Endpoint Protection, and Forefront Endpoint Protection detect this threat family as Ransom:Win32/WannaCrypt. 
  
  
• A free Microsoft Safety Scanner designed to detect this and other threats is available at this link: http://www.microsoft.com/security/scanner 

Recommendations/Resources:

1. Review the Microsoft Security Response Center (MSRC) blog: Customer Guidance for WannaCrypt Attacks for an overview of the issue, details of the malware, suggested actions, and links to additional resources.
   
   
2. Keep systems up-to-date. Specifically, for this issue, ensure Microsoft Security Bulletin MS17-010 Security Update for Microsoft Windows SMB Server is installed.
   
   
3. Customer Service and Support: Customers who believe they are affected can contact KiZAN for further guidance: https://www.kizan.com/contact
   
   
4. Microsoft Malware Detection and Removal Tools: Customer can use the following free Microsoft tools to detect and remove this threat:
   1. Windows Defender: https://www.microsoft.com/en-us/windows/windows-defender
   2. Microsoft Safety Scanner: http://www.microsoft.com/security/scanner
      
      
5. Additional Resources:
   1. Microsoft Security Response Center Blog: http://blogs.technet.microsoft.com/msrc
   2. Microsoft Malware Protection Center Blog: http://blogs.technet.microsoft.com/mmpc
   3. Microsoft Safety and Security Center webpage: http://www.microsoft.com/security/default.aspx