Wednesday, May 17, 2017

Fortinet Urges Organisations in APAC to Take Preventive Measures as Devastation of Massive Ransomware Attack Widens

Wazzup Pilipinas!

As Ransomware WannaCry and its variants continue their global ‘cyber-siege’ across multiple industries, Fortinet, a global leader in high-performance cyber security solutions strongly advises organizations in APAC region to take immediate steps to protect against the highly virulent ransomware strain.

“Fortinet’s FortiGuard Labs has been monitoring and analyzing threat telemetry gathered from over two million sensors around the world. WannaCry and its variants is a highly virulent ransomware strain which is capable of self-replicating. This ransomware is being referred to by a number of names, including WCry, WannaCry,WanaCrypt0r, WannaCrypt and Wana Decrypt0r. It spreads through an alleged NSA exploit called ETERNALBLUE that was leaked online in April 2017 by a hacker group known as The Shadow Brokers. ETERNALBLUE exploits vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) protocol,” said David Maciejak, Director of Security Research at Fortinet.

"WannaCry has infiltrated thousands of organisations around the world, including many key institutions. This ransomware is especially notable for its multi-language ransom demands that support more than two-dozen languages,” added Maciejak. Fortinet’s tracking analysis shows that there has been an average of more than 4,000 ransomware attacks every day since January 1, 2016.

If an organization has been affected by ransomware, Fortinet strongly advise the following steps to be taken:

  1. Isolate infected devices immediately by removing them from the network as soon as possible to prevent ransomware from spreading to the network or shared drives. 
  1. If your network has been infected, immediately disconnect all connected devices.
  1. Power-off affected devices that have not been completely corrupted. This may provide time to clean and recover data, contain damage, and prevent conditions from worsening.
  1. Backed up data should be stored offline. When an infection is detected, take backup systems offline as well and scan backups to ensure they are free of malware.
  1. Contact law enforcement immediately to report any ransomware events and request assistance
For organizations that have so far been spared a ransomware attack, Fortinet recommends that users and organizations take the following preventive measures:
  • Establish a regular routine for patching operating systems, software, and firmware on all devices. For larger organizations with lots of deployed devices, consider adopting a centralized patch management system
  • Deploy IPS, AV, and Web Filtering technologies, and keep them updated
  • Back up data regularly. Verify the integrity of those backups, encrypt them, and test the restoration process to ensure it is working properly
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users
  • Schedule anti-virus and anti-malware programs to automatically conduct regular scans.
  • Disable macro scripts in files transmitted via email. Consider using a tool such as Office Viewer to open attached Microsoft Office files rather than the Office suite of applications
  • Establish a business continuity and incident response strategy and conduct regular vulnerability assessments
“Fortinet addresses organizations’ cyber security challenges with an intelligent Security Fabric that spans the entire network, linking different security sensors and tools together to collect, coordinate, and respond to malicious behavior whenever it occurs,” said Maciejak. “Only by harnessing all their cyber defence resources in a coordinated way can firms effectively fight massive cyberattacks like WannaCry.”

About "" is the fastest growing and most awarded blog and social media community that has transcended beyond online media. It has successfully collaborated with all forms of media namely print, radio and television making it the most diverse multimedia organization. The numerous collaborations with hundreds of brands and organizations as online media partner and brand ambassador makes a truly successful advocate of everything about the Philippines, and even more since its support extends further to even international organizations including startups and SMEs that have made our country their second home.

Post a Comment

Ang Pambansang Blog ng Pilipinas Wazzup Pilipinas and the Umalohokans. Ang Pambansang Blog ng Pilipinas celebrating 10th year of online presence
Copyright © 2013 Wazzup Pilipinas News and Events
Design by FBTemplates | BTT