iCarol response to WannaCry Ransomware attack
On Friday May 12, 2017 we were notified by Infrastructure Engineers that a massive global attack was underway which had already infected hundreds of thousands of computers and servers worldwide. This attack was known as the WannaCry virus and it targeted a vulnerability in Windows-based operating systems by encrypting the contents of a hard drive and any shared drive that computer was provided access. To decrypt the contents and return the hard drive back to a normal state, users were presented with a message demanding a ransom payment in Bitcoins, a virtual online currency that is difficult to trace.
Microsoft had recently released a patch to secure this vulnerability, which we had scheduled to deploy with our next patching cycle on June 11, 2017 after validation in our labs. However with news of this attack and following the recommendation from Microsoft Support and our Infrastructure Engineers, we acted swiftly and began the patching process of our external perimeter servers, considered to be at the highest risk of being targeted. By the end of the day Saturday May 13th, our exterior perimeter was secured in our production environments. We continued the process Sunday May 14th to secure our Disaster Recovery sites and by the end of the day Monday May 15th we completed the securing of our desktops, internal application and database servers. Following these actions, we can confidently say that all servers have now been secured in the iCarol infrastructure against the WannaCry virus.
Guidance for our users
We advise all of our users to be sure you stay up-to-date on browser and operating system updates on your machines. If you are running a Windows-based operating system please be sure to run the latest updates (Control Panel > Windows Update > Check for Updates) to make sure you pick up the latest patches and protect yourself from WannaCry and other viruses.
We take our role as stewards of your data, including sensitive information about the people you serve and the important work you do, very seriously. Should you have any questions about system security in the wake of the WannaCry Ransomware attack, please do not hesitate to reach out to our Support Team.