, ,

May 2017 Alert: Ransomware

Written By

Capsicum Group

To all clients and friends of Capsicum Group, LLC:

On Friday, the world was hit with one of the most significant, widespread and coordinated ransomware attacks: “WannaCry” aka “WannaCrypt.” Ransomware is a malicious cyber hacker program that locks data up and encrypts data – making it inaccessible to the owner – until a ransom is paid or the data / system is restored. The ransom is typically requested in Bitcoin, an anonymized form of digital currency, and WannaCry is requesting $300 to $600 in Bitcoin. It is important to note that it has not been verified whether every instance of the WannaCry ransomware, once paid off, actually provides the decryption code.

There are three main points that Capsicum Group, a digital forensics and cybersecurity consulting firm that has served technology clients for over seventeen years, would like to emphasize:

(1) Do not power on a device that could potentially be infected – a digital forensics / cyber investigation team should be called in to analyze servers/laptops/other devices while they are turned off;

(2) Confirm that your system is backed up properly and frequently; and

(3) Ensure that your IT provider (in-house as well) is capable of responding to a ransomware threat (and the necessity of being proactive, including pushing out timely operating system patches and antivirus/spam filter updates).

Capsicum Group continues to assist clients in responding to a variety of cybersecurity threats, including ransomware, by forensically preserving evidence, investigating systems breaches, managing intrusion response and helping clients address and mitigate risks. Do not hesitate to call us at 1-888-220-3101 with any questions or concerns.

Capsicum Group, LLC