The Wannacry cryptovirus is causing global problems.  As of Sunday, May 14, the virus has spread to well over 100,000 systems in over 100 countries.  Version 2 is supposedly making the rounds now, the total effect of this virus is not yet known.  This virus attacks unpatched systems running Windows Server 2008 or older on an SMB exploit that was patched in March 2017.  The NSA had some hacking tools stolen from it which used the exploit, it is believed that this virus has been created using those tools.  Wannacry encrypts the user’s files and demands a payment in bitcoin to supposedly release the files, and spreads to other visible machines using SMB.  Your only true recovery is to restore your data and wipe your system, as you have no way to guarantee what changes have or have not been made to your system, even if you pay the ransom.

If you are running a true firewall (at RCT we deploy Sophos firewalls with Unified Threat Management), and have updated your systems since March 2017, you likely are not at risk for this virus.  if you are running Windows 10 or Server 2012 or newer, you also have largely mitigated the risk from this virus.

It is imperative in today’s IT world to update your systems, keep offline backups, and proactively protect your network.  At Rivercity Technology Services we follow the PDIR standard:

Prevent:  use hardware firewalls, keep current on updates, apply port control, provide user education, apply a good patch management strategy, don’t skip firmware updates

Detect:  monitor event logs, use security analytics, do statistical analytics, use anti-virus software, use tools like MBSA

Isolate: disconnect infected systems from the network immediately, do NOT power them off (destroys evidence trail).  You may need to look at what was done to a system and may lose that ability if it is powered off.

Recover: restore damaged files using backups, wipe and rebuild the infected system, implement updates to fix the problem so it does not happen again

For more information including a detailed article on this cryptovirus, visit our support page.

Jeff Shirley

Jeff Shirley

Founder & CEO
Jeff brings over 27 years of experience to the table, along with numerous awards, certifications, and real-world implementations.  His database solutions are currently running in industries including government, mining, agriculture, finance, education, science, research, non-profits, and healthcare businesses around North America and serve thousands of users day to day.  Jeff is a five-time MVP Award recipient for Microsoft Access, acknowledging contributions to community projects, evangelism, and educational outreach on Microsoft technologies.  Today there are less than 50 Access MVP’s worldwide. While Jeff focuses day to day on business management, IoT development, IT integrations and design, database architecture or other typical complex tasks, he also is a co-owner of Blue Heron Gardens, a commercial apiary running over 200 beehives.  Fresh honey is a small perk for many of our clients!

Mitch Redekopp

Partner
Mitch works with our clients day to day ensuring web development and IT projects are done to exceed customer expectations.  His background includes formal training in IT, Microsoft and CompTIA certifications, real-world business experience, and a true dedication to ensuring clients receive timely and professional support on their projects with Rivercity Technology Services.  Given the most difficult requests for IT solutions, Mitchell can assist our clients in finding a path to the best options which deliver results for our clients.  Mitchell is an avid soccer player and Manchester City fan, be sure to talk soccer with him when you can.