Confirmed reports indicate spread of an encryption based cyber-attack, in the form of ransomware that is targeting computers running windows operating system. The virus goes by the name ‘Wannacry’ or ‘Wannacrypt0r’ or ‘wanaDecrypt0r’.
The WanaCrypt0r attacks begin in an organization through phishing via a phishing email that includes a malicious link or PDF document. A successful phishing attack results in the WanaCrpt0r ransomware on the target system and an attempt to spread the WanaCrypt0r ransomware more broadly on the network using the SMB protocol to attack the EternalBlue vulnerability (CVE-2017-0144) on Microsoft Windows systems. This vulnerability was addressed by Microsoft in March 2017 with MS17-010 and was publicly disclosed by the Shadow Brokers group in April 2017. Organizations that have applied for MS17-010 are not at risk of the spread of WanaCrypt0r across the network. This is because MS17-010 addresses a remotely exploitable vulnerability in a networking component and is now under active attack, we strongly urge making deployment of this security update a priority.
Following the world wide cyber attack, Palo Alto Networks research unit has published an articale on the prevetnion of the attack.
Balton Tanzania Communications, as a Palo Alto Distrubtor, will help you protect your network. Contact us for more details: firstname.lastname@example.org