Ransomware WannaCry has limited impact

The ransomware program WannaCry, launched on May 12, targets the Microsoft Windows operating system. While this malware has infected over 200,000 computers worldwide, the attack affected around 100 computers across the 50,000 devices on the MIT network.

This limited impact is due to the many security services provided to the community by MIT Information Systems and Technology (IS&T).

“MIT values an open network to foster research, innovation and collaborative learning,” says IS&T Associate Vice President Mark Silis. “We continuously strive to balance potential security risks with the benefits of our open network environment by offering a number of security services to our community, including Sophos anti-virus, CrowdStrike anti-malware, andCrashPlan backup.

“IS&T staff are working with faculty, staff, and students to secure their devices and address any remaining issues related to WannaCry. In the weeks ahead, our department will continue to educate and advise the MIT community.”

A post on the CISCO Talos blog provides in-depth technical details about the WannaCry ransomware attack.

Preventive measures

IS&T strongly recommends that community members take this opportunity to make sure their Windows machines are fully patched, especially with the MS17-010 Security Update. Microsoft has even released patches for Windows XP, Windows 8, and Windows Server 2003, which are no longer officially supported.

In addition, IS&T recommends installing Sophos and CrowdStrike. These programs successfully block the execution of WannaCry ransomware on machines where they have been installed. A third program, CrashPlan, is also recommended. This cloud-based offering, which runs continuously in the background, securely encrypts and backs up data on computers. Should files be lost due to ransomware or a computer breakdown, restoring data is straightforward.

IS&T offers these three programs to the MIT community at no cost and can help with installation questions. The department also encourages users to enable operating system firewalls on computers and laptops.

Getting help

Community members who believe their computers have been infected with WannaCry can contact the computing support staff in their department, lab, or center or the IS&T Service Desk.

As always, IS&T asks community members to be on guard against sophisticated phishing email messages designed to fool recipients into clicking on a malicious link or opening an infected attachment.