Rivercity Technology Services LTD Logo
About Us
Services
Icon showing a support technician
IT Support Services
Cybersecurity Risk Management at one predictable flat rate.
Icon of light bulbs on a laptop screen
IT Consulting
Business optimization through the smart use of technology.
Icon showing a hand holding a phone
Business Phone Services
VoIP Telephone solutions from RCT. 
Icon showing a database and a cloud
Backups & Recovery
Cloud & On Premise - ready to recover!
Icon showing website wireframes
Website Development & Hosting
Web design and full hosting & maintenance packages!
Icon showing an envelope being opened
Modern Email Management
Microsoft 365 email provisioning, security & management.
Icon of a magnifying glass inspecting binary code on a computer screen
Cybersecurity Risk Assessment
Internal auditing to help identify potential cyber threats.
“You’re giving me the ‘it’s not you, it’s me’ routine? I invented ‘it’s not you, it’s me.’ Nobody tells me it’s them not me; if it’s anybody, it’s me.”
- George Costanza
Learning CenterNewsletterContact Us
Book A Consultation
Illustration of a person writing a blog post with a pencil

Wannacry Cryptovirus - what you need to know

The Wannacry cryptovirus is causing global problems.  As of Sunday, May 14, the virus has spread to well over 100,000 systems in over 100 countries.  Version 2 is supposedly making the rounds now, the total effect of this virus is not yet known.  This virus attacks unpatched systems running Windows Server 2008 or older on an SMB exploit that was patched in March 2017.  The NSA had some hacking tools stolen from it which used the exploit, it is believed that this virus has been created using those tools.  Wannacry encrypts the user's files and demands a payment in bitcoin to supposedly release the files, and spreads to other visible machines using SMB.  Your only true recovery is to restore your data and wipe your system, as you have no way to guarantee what changes have or have not been made to your system, even if you pay the ransom.

If you are running a true firewall (at RCT we deploy Sophos firewalls with Unified Threat Management), and have updated your systems since March 2017, you likely are not at risk for this virus.  if you are running Windows 10 or Server 2012 or newer, you also have largely mitigated the risk from this virus.

It is imperative in today's IT world to update your systems, keep offline backups, and proactively protect your network.  At Rivercity Technology Services we follow the PDIR standard:

Prevent:  use hardware firewalls, keep current on updates, apply port control, provide user education, apply a good patch management strategy, don't skip firmware updates

Detect:  monitor event logs, use security analytics, do statistical analytics, use anti-virus software, use tools like MBSA

Isolate: disconnect infected systems from the network immediately, do NOT power them off (destroys evidence trail).  You may need to look at what was done to a system and may lose that ability if it is powered off.

Recover: restore damaged files using backups, wipe and rebuild the infected system, implement updates to fix the problem so it does not happen again

For more information including a detailed article on this cryptovirus, contact us.

Mitch Redekopp
Article Written by Mitch Redekopp

Get in Touch

Need IT Services or Cybersecurity for your business? Have tech questons? Contact us today, we'd love to help you!
Blog Sidebar Contact Form
Related Articles
Rivercity Technology Services LTD logo
We are your IT department. How would you like to manage your risk?
201-116 Research Dr,
Saskatoon, SK
S7N 3R3

306-933-3355
Services
IT ServicesPhone ServicesWebsite Dev & HostingBackups & RecoveryEmail Management

Copyright © 2024 - All Rights Reserved

crossmenu