Go to:

April 2019
< Mar May >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

The Wannacry Attack
Friday, July 7, 2017 6:40 AM

Michael Salyer, IT Analyst, Credit Union Resources

It seems almost commonplace that we hear about new cyberattacks in the news lately. You may have heard about a significant ransomware attack called Wannacry. It got squashed pretty quickly but not before impacting several huge organizations. The cyberattack affected more than 300,000 computers worldwide.

For those unfamiliar with the term, ransomware is malware that infects files on a network and will not release them until the victim pays a ransom to the virus creator. Oftentimes, this will involve encryption, making it difficult, if not impossible, to access the files until the ransom is paid. Most times the system is merely locked, and a message is displayed trying to coerce the user into paying. During its initial phase, ransomware were typically files that encrypt particular file types (Word, Excel, .DLL files, and executables, to name a few). Eventually, the malware began infecting the system itself, preventing the PC from booting properly.

The identity of whoever deployed the software remains unknown. "The WannaCry exploits used in the attack were drawn from the exploits stolen from the National Security Agency," according to Microsoft President and Chief Legal Officer Brad Smith. He says that when the NSA lost control of the software behind the cyberattack, it was like "the U.S. military having some of its Tomahawk missiles stolen."

Windows users should update their software to avoid the ransomware, security experts say. In addition to Microsoft's Security Bulletin MS17-010 that patched the vulnerability in March, the company also issued a separate patch on Friday for users of older and unsupported operating systems such as Windows XP. More steps include:

  • Back up your computer and store the safety version in the cloud or on a drive that is not connected to your computer.
  • Use robust antivirus software.
  • Keep all the software on your computer up to date. Enable automatic updates.
  • Never open attachments in emails from someone you don't know. And remember that any account can be compromised.
  • Enable the "Show file extensions" option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like ".exe," ".vbs" and ".scr."
  • If you find a problem, disconnect your machine immediately from the Internet or other network connections (such as home Wi-Fi).

The world has changed, and no longer will doing just one of the above steps keep you safe. Only through constant diligence can you keep both your work and home computers safer. 


Assess Your Systems and Manage Your Risk
As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
800-442-5762, ext. 6799

Deanna Brown
800-442-5762, ext. 6464

About Credit Union Resources Inc.
Credit Union Resources is a service corporation that provides industry-leading solutions and expertise to credit unions across the country. Credit Union Resources is a wholly owned subsidiary of the Cornerstone Credit Union League, a regional trade association representing the interests of credit unions in Arkansas, Oklahoma, and Texas.