Over the last 48 hours a new strain of Ransomware is attacking computers across the world, it has been most successful in Russia and the UK and experts expect that on Monday a new wave of attacks will hit the UK.

The payload is triggered from an email attachment or from an infected website that you are directed to from social media or again from an email. What makes this Virus so powerful is that is uses a exploit on a un-patched windows machine to spread to every other computer on your network that has not been patched.

Microsoft has been aware of the exploit since March and as such released a hotfix to close the vulnerability, however computers that have not enabled automatic updates will still be vulnerable and will spread the Virus to any other computer on your network that has not been patched.

What to do if your machine is infected

The most important thing to do is turn of any infected computers right away .
We would also suggest turning of all other computers on the network at this time and calling your IT support ASAP. if it can be caught at this point your recovery will be a lot easier. The sooner your IT knows the better it will be.  Do not email,  call them.  if you have no IT support then make sure you have good backups.

To remove the virus from your machine yourself take a look here 

What can you do to protect yourself

We have written up a list of things you can do to protect yourself and check if you have the required patch installed

Be Uber careful opening attachments and following links

If your computer is part of a Business network then the only way you will be infected is if you open up an email containing the Virus payload, or by following a link to an infected site. For the next few week we suggest all users become suspicious of all attachments and links from 3rd parties or from organisations you are not expecting emails from. You can always check with your IT Support anything you are unsure on.

Windows server 2008, 2008 R2 & 2012

Speak with your IT Support and ask them to confirm that the update has been installed, if your server is managed by RG computers then this has already been done.

To verify  Windows Update settings for windows 10,

by default Windows 10 has automatic updates enabled and so you should already have the patch installed . but if you want to check

  1. click the start button and type windows updates
  2. click on windows update setting
  3. it should say:

If your updates are not working, then speak with your IT Support to look into this.

  1. Click Start, click All Programs, and then click Windows Update.
  2. In the left pane, click Change Settings.
  3. If the Important updates setting is set to Never check for updates (not recommended), Windows Update is turned off. To automatically download and install important updates, click Install updates automatically (recommended).
  4. Under Recommended Updates, click Give me recommended updates the same way I receive important updates, and then click OK.

Other things to check

The second wave of attacks appears to have just started within the past few hours. This is going to be a rough week for Windows users. We recommend you speak to all your friend and work collages to check the above.

If you need help in developing your business strategy to deal with ransomware attacks or in keeping your hardware patched and up to date, call us on 0131 5100 360