It is highly recommended that individuals and organizations using Microsoft Enterprise tools and Windows operating systems confirm that their technology was properly patched with Microsoft Security Bulletin MS17-010, released March 14, 2017. As of the date of this Alert, ransomware known as WannaCry infected computers in 99 countries in less than 14 hours, primarily on systems which failed to install the MS17-010 patch. WannaCry operates by encrypting user files and systems, which cannot be unlocked by users without paying a ransom or through complex systems auditing and code removal.
We predict instances of WannaCry will mushroom in the U.S. this evening as students and professionals begin returning home and check emails from personal devices. Anecdotal evidence has shown that WannaCry can jump from personal devices to enterprise servers, and vice versa, through virtual private networks, the main conduit for distance learning programs and telecommuting platforms. We advise that all clients remain vigilant in updating and patching their technology on an immediate basis, as WannaCry is yet another example of the costs of remediation far exceeding prevention.
Companies with systems that are exposed to WannaCry may have disclosure responsibilities for customers and insurers, as well as other regulatory requirements under state and federal law.