WANNACRYPT RANSOMWARE – AN ACTION PLAN TO IMPROVE YOUR CYBER RESILIENCE DEFENSES

  • By Steven Malone, Director of Security Product Management at Mimecast

The global reach and considerable impact of the WannaCrypt (WannaCry/Wcry) ransomware is a wake-up call for organizations and governments around the world. This on-going cyber threat will continue to adapt to take advantage of weaknesses in IT systems and procedures. New variants of this malware may cause even more damage if you do not act immediately.

At Mimecast our first priority is to help protect our customers against the latest threats. Our services help protect email which has traditionally been the primary attack route for ransomware.

Early samples have revealed that the ransomware is spread over local networks and the internet by abusing Server Message Block (SMB) protocol weaknesses. Although no Wcry ‘smoking gun’ infection emails have yet been found, it is highly likely that future variants will use email.

This short guide is designed to help all organizations complete a review of network security, backup and business continuity systems and processes.

We are also providing additional insights into how to make easy and quick configuration changes to ensure your Targeted Threat Protection solution is optimized. As many of you already know, a comprehensive “defense in depth” strategy is the best approach to mitigation of current and future variants of Wcry and other ransomware.