النسخة العربية

Oman National CERT Towards a safe cyber environment

WannaCry Ransomware

WannaCry Ransomware

A major ransomware attack campaign hit computer systems and the attack appears to have affected a hundreds of private companies and public of organizations in several countries

View
Awareness lecture in Abdullah bin Sallam School

Awareness lecture in Abdullah bin Sallam School

Oman National CERT is organizing an awareness lecture on the topic of Blackmailing in Abdullah bin Sallam School in Al Amral – Muscat

View
Technical School Gathering Event in Hail Alawamer School

Technical School Gathering Event in Hail Alawamer School

Oman National CERT is participating in a technical school gathering event in Hail Alawamer school in Muscat...

View
COMEX 2017

COMEX 2017

The participation of Oman National CERT at COMEX 2017, organized by the Information Technology Authority (ITA), through a number of activities and programs, that aims to illustrate the services provided by OCERT

View
Safer Internet Day 2017

Safer Internet Day 2017

Over the years, Safer Internet Day (SID) has become a landmark event in the online safety calendar. In the Sultanate, Oman National CERT as the official SID National Committee is taking the initiative nationally...

View

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

Latest Threats & Alerts

WannaCry Ransomware

Published Date:

5/12/2017


Severity:

High


Impact:

A major ransomware attack campaign hit computer systems and the attack appears to have affected a hundreds of private companies and public of organizations in several countries.
This ransomware encrypts the files with strong encryption algorithms which are hard to be decrypted. In order To decrypt and regain access to the files being encrypted, ransomware demands payment from you in the form of a Bitcoin ransom and give instructions on how to buy it, and provides a Bitcoin address to send it to in order to remove the infection from their PCs; otherwise, their files remain locked.


Affected Operating System & Version:

-Microsoft windows XP

-Microsoft windows vista

-Microsoft windows 7

-Microsoft windows 10


Solution(s):

Currently, there is no WannaCry decryption tool or any other solution available, so users are strongly advised to follow prevention measures in order to protect themselves:

• Upon detection of infections of this ransomware, It is recommended to isolate the infected machine from the network where possible to prevent the malware from spreading.
• Maintain up-to-date anti-virus software, and emphasize the awareness among the employees on the importance of using antivirus to scan attachments and files before download or execution .
• Make sure email protection software is exists and activated .
• Keep your operating system and software up-to-date with latest patches.
• Do not follow unsolicited web links in email.
• Use caution when opening email attachments.
• Conduct email security awareness among your employees to avoid being infected by similar malicious emails.
• Conduct routine backups of important files, keeping the backups stored offline.
• Microsoft released a patch for the vulnerability in March (MS17-010), but many users and organizations who did not patch their systems are open to attacks.https://technet.microsoft.com/en-us/library/security/ms17-010.aspx


• You can refer to Oman CERT article on Email security http://www.cert.gov.om/library_articles_details_arabic.aspx?article=1


Reference(s):

1-https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

2-https://www.microsoft.com/en-us/security/portal/threat/threats.aspx

3-https://twitter.com/OmanCERT