|Create Date||May 17, 2017|
|Last Updated||May 17, 2017|
As you may have heard a global ransomware attack referred to as WannaCrypt (WannaCry/ Wcry) has made global headlines over the last few days, and the proliferation of the threat has grown exponentially. Affected systems have seen a ransom demand message asking for Bitcoin ransom (per infected client) in order to decrypt files. This has affected both corporate and government bodes with estimates in the region of 270,000 servers across over 100 countries being hit.
Who is affected?
Early samples have revealed that the ransomware is spread over local networks and the internet by abusing a vulnerability in Microsoft’s Server Message Block (SMB) protocol, a server-based message and file sharing protocol.
What you should know from Mimecast?
Mimecast is closely monitoring the ransomware outbreak affecting organizations around the world. While the initial infection point is yet unknown, it is reportedly spread further by the way Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests.
- Read Mimecast's Partner Internal FAQ to understand more about the attack and how Mimecast is responding
Since a high percentage of ransomware is spread by email attachments, we urge organizations to consider using sandboxing and/or safe file transcription services in Mimecast Targeted Threat Protection.
|Mimecast FAQ on WannaCrypt Ransomware Outbreak FINAL.PDF|