All Blogs
This past Friday, a major ransomware outbreak occurred affecting hundreds of thousands of users in over 150 countries, including healthcare facilities, major utilities, and large companies like FedEx.
Also, this Friday and over the weekend, the Team at Midnight Blue made sure that every computer that is covered under our BlueCentral managed service was pushed the appropriate patches and reboots were forced to make sure that the critical patches were applied right away. If you came in today and saw that your PC had been rebooted over the weekend, that was probably a good thing.
In regards to Microsoft patches, the specific Microsoft patch – MS17-010 – has been on most PCs (desktops and laptops) since March. All servers that we manage have been updated. Many of our managed PCs are set to auto-reboot as needed to make sure that patches are in place. However, we are recommending that all PCs are turned on and rebooted again today before 5pm. Please leave ALL PCs on overnight. We will be continuing to update the patch status of all managed PCs as they are reconnected to the network. There will be another round of patching this evening.
Additionally, as a BlueCentral managed services client, you also have SonicWALL security appliances and Trend Micro endpoint protection in place.
– SonicWALL firewalls – More ransomware is blocked at the firewall than anywhere else. If you have a SonicWALL in place with an active subscription for Gateway Security Services (CGSS), which you definitely do if you are BlueCentral client, then your SonicWALL firewall has been protecting your network from WannaCry (also known as WanaCrypt0r or WannaCrypt) ransomware since April 20, 2017, weeks ago.
– Trend Micro endpoint protection – All PCs managed by BlueCentral should have an active Trend license installed. As of 5/13, Trend was updated globally against this ransomware. Even if your PC is operating remotely, as long as it is connected to the Internet and Trend is installed, you are getting updates.
What else can you do to protect your business:
1 – Train your users to question emails – Many legitimate looking emails are not genuine. The fakes are hard to spot. Look for spelling mistakes, bad grammar, and other non-sequiturs. Most legit vendors will not ask for personal data via email. If you are ever not sure, just send to the Team at Midnight Blue and let us verify the email.
2 – DON’T CLICK!! – Never click on a link or attachment unless you are 100% sure that it is legit. If you weren’t expecting it, Don’t Click! A good alternative is to manually go to the website for the bank, vendor, or supplier and type your info. Another cool trick is to hover over the web link and see if the web address that is shown is the same that is on the email.
3 – Backup and Disaster Recovery – Unfortunately, sometimes the best or only recovery from a ransomware attack is to have a good Backup and Disaster Recovery system (and plan) in place. The servers on every BlueCentral managed network are backed up and verified by the Team at Midnight Blue every day. If you are not sure about the details of your current Backups or want to implement an even higher Disaster Recovery option to recovery faster, just let us know. We will be happy to review the options.