Protect Against Wannacry, a Ransomware “Weapon of Mass Destruction”

Protect Against WannaCry, a Ransomware “Weapon of Mass Destruction”

Massive. Unprecedented. A weapon of mass destruction. That’s how cyber security experts describe the ransomware worm, WannaCry that has shaken organizations the world over. To date, hundreds of thousands of computers in 150 countries have been crippled, from healthcare systems in the UK to universities across Asia—and the threat isn’t over. Now, new WannaCry variants are being detected—variants lacking the kill switch that mitigated the harm of their original.

How can you address your WannaCry threat?

Immediately address your Windows vulnerability

Malicious actors have exploited the known Microsoft vulnerability, EternalBlue, underscoring the importance of immediately installing security patches and maintaining supported software and operating systems.

As such, we recommend organizations:

• Continue to install new security patches • Block legacy protocols, like SMBv1, to protect against future evolutions of the malware • Upgrade to a supported version of Microsoft OS • Promptly patch their systems with Microsoft’s • Patch Arcserve UDP Appliances and RPS servers MS17-010 security update

Don’t pay the ransom

Manual decryption by attackers is required in the case of WannaCry. Given the intense search for those responsible, ransom payments are expected to remain untouched in Bitcoin addresses and requests for decryption to go unanswered.

That said, files stored outside of Desktop, Documents, or removable media may still be recoverable using the undelete tool.

Assess your backup and disaster recovery strategy

WannaCry has drawn the critical need for ransomware remediation into sharp focus. As such, we recommend all organizations take immediate steps to ensure they’re empowered to successfully backup and recover their data:

• Examine your RPOs and RTOs. • Confirm all data sources are backed up. Ensure your critical systems are backed up as Identify any servers or sources of data missing from frequently as possible, and that system recovery your data protection plan and apply the correct level will deliver against your business requirements. of data availability to ensure they’re recoverable. • Access the backup server as a user. • The 3-2-1 rule. When logging into your secure server, make sure Store at least three different copies of your data on you’re logging in as a user, not as an administrator. two different media, with at least one copy stored Never use your administrator account when opening offsite. It’s critical that your backup strategy features email or searching the web. redundancies and leverages storage options not vulnerable to attack—like tape, offline disk, and cloud. • Protect the protector. Make sure your backup files are stored on a secure • Practice the principle of least privilege. server with access limited only to those that When configuring accounts, only grant the degree of absolutely require it. These files are your best chance access privileges absolutely required by each role. at remediation, so ensure they’re secure.

Real-world ransomware recovery

“The last ransomware attack was unbelievably major. It hit 45 different servers, spread itself, and just went crazy. The executive suite actually moved into my office for a period of time, if that tells you anything.”

With Arcserve UDP, the IT network administrator was able to swiftly restore the backup from the previous evening, sidestepping a $30,000 ransom.

Circumvent ransom demands with Arcserve Unified Data Protection

Relied upon by 48,000+ customers in 150 countries around the world, award-winning Arcserve UDP delivers the enterprise-grade capabilities and ease-of-use required by small and overstretched IT teams.

Get the unparalleled flexibility you need to recover from both massive ransomware attacks and ordinary, everyday disasters, while meeting the unique needs of your business:

• Effortlessly deploy Arcserve as a software, • Seamlessly scale your backup and recovery appliance, or cloud solution coverage as your organization grows—from 1TB to 1PB, and beyond • Protect physical and virtual data, no matter where it lives—onsite, offsite, offline, and in the cloud • Instantly stand-up critical applications with virtual standby or Instant Virtual Machine • Easily identify actual RPOs and RTOs, set-up automated testing, and identify unprotected • Recover your data from file-based and image-based machines with Assured Recovery capabilities backups, or continuously available solutions

And, do it all from a single, elegantly simple management console

Ensure you’re protected

Contact your Arcserve representative or call +1 844 639 6792 to get started today

For more information on Arcserve, please visit arcserve.com