.jpg)
18 May, 2017
Last week’s ransomware attack was by all accounts one of the most widespread cyber events we’ve seen. The pace at which the malware proliferated and the scope of the impact across companies and geographies was unprecedented. As the new work week begins, it’s unclear whether the worst is behind us – a “kill switch” that neutered the original version of WannaCry was discovered and registered, but new variants have already been found circulating. Our technical team is analyzing samples of WannaCry and we’re monitoring this situation closely as it evolves. We plan to publish additional information and advisories in the coming days.
Below we offer more detail on the nature of the original ransomware and what you can do to protect your organization. If you have already been impacted and require assistance stopping the spread, determining the impact or recovering your data, please contact us immediately. We can help. Regardless, we strongly recommend all organizations take action now to determine: Are you ready:
- When was the last time you reviewed your company’s patch management program? Your disaster recovery and business continuity plans
- Can you identify where all of your mission critical data resides and whether regular backups are being made?
- Does your cyber insurance policy provide adequate coverage? Have you taken the necessary steps to ensure you will be eligible to make a claim if your company is impacted?
- Have you communicated with employees about the latest phishing and social engineering techniques?
- Do you have an incident response plan in place and has it recently been tested so everyone knows what to do in the event of an attack?
- Are all necessary technical and procedural controls in place and operating properly?
- Has your security posture recently been assessed and tested and have you acted on the results?
For further information, please contact:
Paul Jackson, Managing Director, Stroz Friedberg
pjackson@strozfriedberg.com
