The Wanna Cry Ransomware is a fast-spreading ransomware infection currently underway affecting hundreds of organizations worldwide including Fedex and the UK's National Health Service.
This Ransomware will render your documents unreadable until you restore from backup or pay a ransom to recover the data. Please take this seriously and do the following:
Do not open any email attachments, or click on any email links that you have not explicitly requested or that are suspect. When in doubt, please forward any questionable emails to our support desk.
Do not click on any banner advertisements.
Avoid visiting non-business related websites.
NEVER send personal information (bank account information, date of birth, address, social security number, etc.) via unencrypted email, and if you are ever requested to send this information, verify the request is legitimate before sending (or investigate an alternate way of providing this information).
For our NOCOLOGY Managed Service Clients:
Your systems have been updated. Please do your part to ensure your employees are educated on identifying scams, malicious links, and emails that may contain viruses.
Not using our NOCOLOGY Managed Services?
To protect yourself, your systems and your data please review the following:
Apply the latest Microsoft security patches for this particular flaw. This update was released several weeks ago. Microsoft is releasing an emergency patch for unsupported software versions including Windows XP, Windows 8 and Windows Server 2003. Please also consider upgrading these systems as soon as possible.
Make sure any anti-virus product is up-to-date and scan your computer for any malicious programs.
Back up important data on your computer in case it gets held for ransom. It is important you verify the backup and store it properly.
Educate your employees on identifying scams, malicious links, and emails that may contain viruses. When it doubt delete the email.
Consider running "penetration tests" against your network's security, at least once a year, according to the Department of Homeland Security.
Call us at 607.433.2200 if you have any additional questions.
12/30/2016 7:50am EST - One of our servers is currently unresponsive or slow. Support engineers are currently working on resolving the issues. We will update this alert once the issues have been fully resolved. Thank you for your patience and understanding.
12/30/2016 10:15am EST - The issues with the server being slow or unresponsive have been resolved. Support engineers are monitoring the server.
12/25/2016 5:15am EST - One of our servers had a failure and is being restored. We will update this page once it's back up.
12/25/2016 7:20am EST - The server has been restored and the server is back up. We are monitoring the server.
12/3/2016 2:15am EST - While monitoring the network we received an alert regarding a large, inbound denial of service (DoS) attack aimed at one of our servers. The amount of traffic has caused service interruptions to adjacent customers so, to protect the integrity of our network, we've instated a null-route on traffic to and from this IP. While the null-route is in place all traffic to and from that IP address, including legitimate traffic, will be dropped. The null-route will stay in place until the attack has subsided.
UPDATE 12/3/2016 2:58am EST - At this time we have removed the null route on the server. We are receiving no alerts against the server. Traffic will be monitored throughout the night to ensure no issues occur again.
5/5/2016 5:35pm EST - We have recevied notice that the web server at the 65.99.240.* IP address is currently unresponsive or slow. Support engineers are currently working on resolving the issues. We will update this alert once the issues have been fully resolved. Thank you for your patience and understanding.
5/5/2016 6:53pm EST - The web server at the 65.99.240.* IP address is back online.