Select Page

CATS WannaCry

THE INTERNET IS DYING! ALL DATA IS BEING DESTROYED! HERE COMES THE NETWORK APOCALYPSE!

If you’ve been paying attention to the news over the last week, the above thoughts may have either crossed your mind or have been implied by the media. This is due to the recent reported events regarding the dangerous spreading of a new strain of ransomware titled WannaCrypt which has been given the common nickname of WannaCry. In my line of work, it is situations like these that bring on some of the most stress inducing days. But here at CATS and within my role specifically, it’s my job to take on that stress on behalf of you, our clients, so that each of you can continue with the important task of running your business. You shouldn’t need to worry about things like WannaCry and I’m here to tell you that you do not need to. I’m sure that the last thing you want to see is yet another boring press release or bulletin from some faceless representative at an unreachable entity about this topic so I’m here to simply give you the facts that you should need and want sprinkled in with some good ol’ human charm.

My name is Eric Tate and I am the Director of Technology here at CATS Technology. Allow me to take you on a journey for a moment.

To our existing clients, I hope that this post shows you how much we at CATS care about each and every one of you. You’re the shine on our apple and we look forward to providing you with the highest quality of IT support available for a long time to come. If you’re not an existing customer, feel free to reach out to our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3 to learn about the many ways that CATS can take the stress out of your IT operations.

Let’s start our WannaCry journey by hitting the rewind button and going back to last Sunday. This wasn’t just any Sunday. Mother’s Day was upon us! As the father of the most amazing nearly-two-year old girl I have ever had the honor of knowing and having the privilege of getting to raise her side-by-side with my lovely wife, this was a day filled with plans and surprises. As news about WannaCry began spreading through the media over the course of the weekend, my cell phone’s battery was getting a great workout as the calls, texts, and emails began flowing in from colleagues, friends, and family all getting worried about how this may affect them. Considering my day was already filled with the stress of giving my family a wonderful day, the last thing that I wanted was additional stress put on top. But thanks to the confidence I have in our team at CATS Technology and the power of our CATS Guardian system, I was able to continue through the day free of any stress caused by WannaCry!

Here’s the reality: Your systems are going to be fine!

Let’s quickly get through the technical background of WannaCry with the help of everyone’s friend, Wikipedia. The ransomware attack began one week ago today on May 12th, 2017 and spread to over 230,000 computers in over 150 countries. The bulk of the infections occurred in foreign countries. WannaCry utilizes an exploit titled EternalBlue which was developed by the NSA which had been released by a hacker group known as The Shadow Brokers. The vulnerability makes use of an exploit in the SMB protocol found in Microsoft Windows based systems. Back on March 14th, 2017, Microsoft released a critical patch for Windows systems that were still under active support which closed the exploit used and rendered WannaCry useless. The patches released were included in Microsoft’s cumulative security update that was released in March. Then, in an unprecedented action, Microsoft also released a patch for the vulnerability this week that closes it on no-longer-supported versions of the Windows operating system such as Windows XP and Server 2003. All of the mentioned updates continue to be covered via Microsoft’s monthly cumulative security updates.

So if Microsoft already patched the vulnerability, why is everyone making such a big deal about this? Well, one could say it’s because it draws income to those media outlets. But in addition, we unfortunately live in a world where many people and companies do not keep their computer systems patched up to date with the latest security patches. In addition, Microsoft Windows piracy is unfortunately quite common. Those pirated copies cannot always check-in with Microsoft to receive those patches. These two situations then result in countless amount of computer systems still remaining vulnerable to this day and the spreading of WannaCry that comes along with it.

If you’re a CATS Ultimate Care subscriber though, you don’t need to worry! We proactively keep your systems patched up to date and make sure that your systems are safe. We utilize multiple layers of security to protect you. So let’s peel back the curtain a little bit and take a look at our internal numbers and methods of keeping you secure.

At CATS Technology, all servers and workstations that we manage and protect are loaded into our internal management system that we call CATS Guardian. You’ve probably noticed the little blue T icon in your taskbar which represents our CATS Guardian system’s connection. Throughout the week, I ran custom reports against all of our managed servers and workstations to pull information pertaining to their Windows patch status. As of this past Wednesday, more than 99% of our managed computers had already received the patches provided in March’s cumulative security update. To be exact, only 13 computers were missing it. Even with that percentage being as tiny as it is, it still wasn’t good enough for me. I reviewed the thirteen machines in question so that I can have an understanding as to why they may not have been received the patches and found understandable reasons.

* Two are servers currently in development for a client project that is on hold and is currently pending the patching phase. The servers are sandboxed in a development lab and are not yet in production.
* One is an old CATS laptop that has not been used in months and is currently collecting dust.
* One is a client laptop that was archived by the client for data retention in the early part of this year and has not been powered on since.
* The other nine machines are miscellaneous client workstations that have not been online to receive the patch in multiple months.

Because every machine counts, we are currently working with the clients in possession of the last remaining unpatched machines so that we can complete the installation on them.

Happily absent from that less than 1% of vulnerable machines are all servers in production for our clients. This is thanks to the wonderful hard work of our CATS team and the CATS Guardian system.

By the way, if you’re already using Microsoft Windows 10, then you have nothing to worry about anyways. The vulnerability never existed within it.

In addition, because we care about each and every one of you, I utilized our CATS Guardian system to proactively mass-deploy the latest May cumulative security update to all of our managed Windows computers that hadn’t received it yet even if your monthly patching date is normally at the end of the month. In addition, my mass-deploy included all managed computers, not just ones covered for monthly patching by our CATS Ultimate Care proactive services. This is because we care about all of you especially in these confusing times. If you’re not currently an Ultimate Care subscriber and would like to upgrade your services with us to receive all patches moving forward, let us know and we’ll be in touch! I’m currently monitoring the status of the mass-deploy and will be working with our tech team to address any updates that may fail so that they can be manually resolved.

On top of all of this patching mumbo jumbo, we utilize other ways of proactively protecting you from WannaCry traffic. For example, if your environment is utilizing our recommended SonicWALL comprehensive security suite, you’re protected by the power of gateway level malware protection which is updated constantly on a daily basis and has been updated recently to capture the transmission of WannaCry data in-transit before it reaches your machines. Also, those of you who subscribe to our CATS Guardian Managed Antivirus (powered by Webroot SecureAnywhere) on your servers and workstations became protected very quickly following WannaCry’s discovery. Webroot updated their security definitions to include traffic and files associated with the WannaCry infection as soon as they were able to. And because your AV was set by us to check in with Webroot for the latest updates every 30 minutes, your local installation of our CATS Guardian Managed Antivirus quickly gave you yet another layer of protection.

If you aren’t subscribed to our CATS Ultimate Care services or would like to add on comprehensive gateway security and/or our CATS Guardian Managed Antivirus, now is a great time to reach out to our sales department for further information. If you’re unsure whether you currently subscribe or are protected by these services, let us know and we’ll be happy to perform a review with you.

I would be doing you a disservice if I made the claim that there is a 100% guarantee that no infection will ever hit your system. The unfortunate reality is that the criminals that continue to write ransomware infections do everything they can to try to stay one step ahead of those trying to stop them. The guarantee I can definitely give you though is that CATS Technology is here for you and remains stationed in the trenches 24/7/365 protecting you by any means necessary. We take these types of situations very seriously. In the unlikely event that an infection does make its way through, we’ll get you back up and running in minimal time.

I would like to personally thank each and every one of you for taking the time to read about how CATS Technology works around the clock to protect you and your company’s assets. If you have any questions or concerns at all, feel free to reach out to us at any time.

If this is your first time hearing about CATS Technology and would like more information about how we can help protect you from all of the scary stuff out there like WannaCry, we’re here for you as well! Contact our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3.

My wife and daughter heard no mention of WannaCry from me on that fateful Mother’s Day thanks to the power of CATS Guardian. Let us bring that type of worry-free living to you and your business so that you too can enjoy your holidays!