How to Protect Clients from the WannaCry Ransomware Attack

The WannaCry Ransomware attack launched against organizations in over 74 countries worldwide. In this video, Chris Nyhuis, CEO of Vigilant Technology Solutions, discusses the attack with Intelisys’ SVP Cloud Transformation Andrew Pryfogle.
Learn more about what happened, how to talk about this vulnerability with your clients, and how to help them proactively get ahead of the threat.

More from the Vigilant Technology Solutions team:
WannaCry Ransomware Campaign
Summary:
Since last Friday, Vigilant has been closely tracking a major Ransomware campaign called “WannaCry” launched against organizations in over 74 countries around the globe. First starting in Europe, the attack has now spread to U.S. based organizations of all sizes, in all industries.
NOTE: Before getting alarmed, it’s important to understand that many people are over-reacting to this event. Organizations who have 1.) visibility into their networks and 2.) a solid patching program are positioned well to defend against this specific campaign.

“This attack is consistent with many of the attacks we see every day. Bad guys are racing to exploit vulnerabilities before organizations can get them patched. With the visibility of CyberDNA we’re able to see these attempts immediately, before they become wide spread.”
–Ryan Stillions, Vigilant Head of Detection & Response Services

This specific attack spreads across a network by exploiting vulnerable versions of Windows Server Message Block (SMB). While Microsoft has recently released patches for six SMB vulnerabilities, many organizations have yet to deploy them.
Once a victim system has been exploited, the WannaCry Ransomware encrypts files and prompts the user with a ransom message requesting $300 worth of bitcoin be paid to recover them.
For more information on the Windows SMB vulnerability, the WannaCry Ransomware campaign, as well as associated Indicators of Compromise, please see the following articles:
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
https://securingtomorrow.mcafee.com/mcafee-labs/analysis-wannacry-ransomware/
Vigilant Coverage:
The Vigilant Hunt Team is actively monitoring the situation.
All Vigilant CyberDNA customers have detection in place for exploitation attempts against the Windows SMB vulnerability, as well as network detection for the WannaCry Ransomware.
All Vigilant Managed Endpoint Protection customers are being deployed a custom emergency definition for all currently known variants of Ransom-WannaCry, and will continue to receive additional prevention signatures immediately as they are available.
Please keep in mind this is an ongoing campaign and we are updating our detection capabilities in real time, as well as keeping a close eye on customer networks as this event unfolds.
Recommended Courses of Action:
We suggest all customers implement the following Recommended Courses of Action at their soonest convenience.

  1. Review all Windows systems to ensure they have received the “Security Update for Microsoft Windows SMB Server (4013389)”, reference Critical Microsoft Security Bulletin MS17-010: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx published on March 14th, 2017.
  2. Any public-facing Windows system with Server Message Block exposed to the internet should be immediately patched, or taken offline from public access.
  3. As a best practice, SMB (ports 139, 445) should not be exposed publicly, and should be blocked from all externally accessible hosts.
  4. All internal Windows systems should be patched immediately to avoid internal lateral spreading of the WannaCry Ransomware.
  5. Perform an update to your endpoint protection / antivirus software definitions immediately.
  6. Ensure users are instructed to leave systems powered on so they can receive patches and definition updates.
  7. Ensure critical user files and data are backed up appropriately and your organizations restore procedures are tested and communicated.
  8. Brief your Help Desk personnel to be on heightened alert for any inbound calls regarding Ransomware pop-ups, and to review their response plans accordingly.
  9. Notify Vigilant of any reported cases of WannaCry Ransomware in your organization.

Thank you,
The Vigilant Technology Solutions team

Blogs, Announcements, & Press

Quick Links

ScanSource

Intelisys University

MyIntelisys

Privacy Policy

California Consumer Privacy Statement

Get In Touch

Phone: 800.615.8330
Email: intel_info@scansource.com

Press Inquiries:
Natalyn Klump
Public Relations Manager
natalyn.klump@scansource.com
864.286.4420

Facebook Youtube Linkedin Instagram

Ken Mills

President

Ken Mills serves as President of Intelisys and is committed to driving growth for Intelisys and our partners. As a distinguished technology executive with over two decades of experience, Ken has previously held leadership roles at EPIC iO, Dell Technologies and Cisco, and served as a fellow with the U.S. Department of State. His strategic mindset has been an integral part of launching innovative products and solutions in the fields of AI, IoT, and 5G. Ken is driven by his curiosity and passion for groundbreaking technology and complex problems, and constantly explores new frontiers in the world of technology.

Monica Lutes

Manager, People & Culture, ScanSource, Inc. and Intelisys

As Manager, People & Culture, Monica has worked closely with Intelisys employees and leaders since 2018 and has worked with ScanSource companies since 2016. A Human Resources professional with 11 years of experience encompassing all areas of HR, especially employee relations, recruiting, compliance, and training, Monica approaches her role as Manager, People & Culture from a consultative perspective. Her goal is to provide advice and guidance to leaders so they can focus on growing the best teams for the business while also supporting employees’ goals.

Ansley Hoke

SVP Marketing, ScanSource, Inc. and Intelisys

Ansley Hoke is the Senior Vice President of Marketing at ScanSource, Inc., a role she has held since 2019, and extended her leadership to include Intelisys in 2023. She joined the company in 2001, serving in merchandising leadership roles for ScanSource POS and Barcode, including acting Vice President of Merchandising and then later VP of Merchandising for ScanSource Catalyst and overall VP of ScanSource Catalyst. She oversaw sales, supplier relations, and services. Known for her pivotal role in creating effective marketing strategies, Ansley has been integral in driving demand, enhancing partner programs, and significantly contributing to the company’s revenue growth and channel relationships.

Mike Baur

CEO of ScanSource, Inc. and Interim President of Intelisys

Mike Baur serves as Chairman and Chief Executive Officer at ScanSource. Mike has served as the Company’s President or CEO since its inception, as a director since December 1995, and as Chairman of the Board since February 2019. Mike has developed a deep institutional knowledge and perspective regarding ScanSource’s strengths, challenges and opportunities. He has more than 30 years of experience in the IT industry, having served in various leadership and senior management roles in the technology and distribution industries before joining ScanSource. Mike brings strong leadership, entrepreneurial, business building and development skills and experience to the Board.

Stephanie Bouras

Regional Vice President, Southeast

Driven by a partner-first philosophy and a passion for innovation, Bouras embodies a leadership style that’s both compassionate and data-driven. As the Regional Vice President, Southeast, at Intelisys, she’s leveraged her extensive marketing and sales experience to propel her team to new heights. A firm believer in aligning herself with her partners, she sees herself as a collaborator and an integral part of their business. This perspective has allowed her to forge deep connections and drive success. A Florida native, Stephanie’s attention to detail and unwavering commitment to her partners have been key factors in her success.

Michael Raspanti

Regional Vice President, Northeast

Michael joined Intelisys in June of 2020, as a long-time channel veteran. He is responsible for leading the Northeast Region, helping continue the tremendous momentum in one of our strongest markets while also recruiting new up and coming partners that will be the growth engine of our future success.

Kristy Thomas

Vice President, Partner Experience and Enablement

Thomas is responsible for Sales Partner enablement and education for all our technology segments, including CX, managed security, mobility, and connectivity. With over 20 years of executive background in telephony, UCaaS, CCaaS and Cloud services, Kristy enables her customers to think broader and deeper as she guides them through their decision journey. Some of the biggest deals in the channel have become a reality thanks to the expertise and humble excellence Kristy brings to her client’s projects.