WannaCrypt Ransomware Impact

At the end of last week, the world began experiencing the effects of the WannaCrypt ransomware attack. This latest version of crypto-style malware leveraged a known exploit in Microsoft Windows server and desktop operating systems to encrypt files, forcing the user to pay a ransom to receive the key to unlock compromised data. This vulnerability was first made public in NSA documents released to the press in early March.

In mid-March, Microsoft released a security update for all currently supported OS versions which was approved for deployment to all of our clients through our automated security update system on March 20, 2017. In addition, for those clients who rely on Innovative managed firewall services, a similar update was also released to those with Internet Protection Services enabled to detect vulnerabilities against this strain of ransomware. Third-party testing has confirmed that these firewalls are successfully blocking the attacks.

As a result, clients who use our patch management system and managed firewalls should not be affected by this highly publicized ransomware, as long as their OSes are Windows Vista or Server 2008 or higher. However, we still have many clients who for various reasons continue to run unsupported OS versions, such as Windows XP and Windows Server 2003. Microsoft has released a series of unprecedented patches for some of these unsupported OSes. We are currently researching the stability of those patches as well as the best methods for deployment, and we plan to deliver these as soon as they are made available and verified safe for deployment. Additionally, clients with endpoints that have been in storage or otherwise offline prior to the patch release should work with Innovative to make sure their systems are patched.

— Ben Gagnon