You may have heard that the spread of the ransomware slowed on Saturday, but it was by no means stopped. The spread of this ransomware or the rise of variants is far from over. Two variants have already been identified by leading cyber security firms. WannaCry spreads as a worm (by scanning other computers linked to any machine or system it infects for the same defect and leaping onto them) through a vulnerability in Microsoft systems, particularly on outdated software like Windows XP or Windows Server 2003 or 2011.
Even though security officials are seeing infections of WannaCry deploy via worm rather than relying on humans to spread it (by clicking on infected attachments), it is still a good time to remind staff to be extra vigilant and think before you click:
- Do not click suspicious links.
- Be suspicious of attachments and do not open files you are not expecting or do not recognize.
- Check sender email addresses to ensure they are ones you recognize.
- Never click bank links from emails. Contact banking website directly.
Lastly, though there are automatic scheduled reboots for workstations, we advise taking extra precaution, and rebooting your workstation on a regular basis when it is connected to your corporate network to ensure it is receiving all the updates it should.