Ransomware could become a nonissue.
We survived last month’s WannaCry Ransomware attack. WannaCry struck folks who avoided the most recent Microsoft security updates. They also previously clicked a phishing link. WannaCry encrypted files and demanded $300US in BitCoin to make them readable. Proactive users avoided this nonsense.
WannaCry struck none of my clients. Hooray. Maybe I am strict about updates. Perhaps I show users how to vet a link before clicking. Maybe…both.
WannaCry has come and gone. Here’s what we learned:
- More than 90% of infected computers were running older versions of Microsoft Windows. Why users did not grab the free upgrade to Windows 10…is beyond me.
- WannaCry exploited a bug that Microsoft patched back in February. WannaCry impacted folks who intentionally blocked Microsoft Update from downloading and installing security patches.
- Victims previously clicked a phishing link. To see more on how WannaCry works, see WannaCry Ransomware.
Here’s some good news.
According to our friends at KnowBe4, Microsoft is pushing a Windows Update called the “Creators Update.” WannaCry cannot infect a workstation running Windows 10 Creators Update.
“Microsoft has been closely watching the onslaught of this new Ransomware epidemic and added a slew of new features to the second major update of Win10 which is called “Creators Update” — Win 10 CU for short — which has been rolling out for a few weeks, consumers first.
Presenting new anti-Ransomware protection features added in Win 10 CU, Robert Lefferts, Director of Program Management, Windows Enterprise and Security, said that no Windows 10 customer was affected by the recent WannaCry Ransomware outbreak that took place in mid-May and no currently known Ransomware strain can infect Windows 10.”
Next time Windows prompts you to download and install security updates…say YES. For proactive security awareness training, contact our friends at Knowbe4.