LLP_News_Alert_NEW_BRANDING

UHY LLP Michigan Practice

QUICK LINKS

Locations

Services

Industries

Careers

ARCHIVE

Missed an issue? New subscriber? Visit our news archive.

SOPHISTICATED RANSOMWARE WANNACRYPT TARGETS OLDER VERSIONS OF MICROSOFT

WannaCrypt is a serious ransomware attack that has caused major interruptions to individuals, businesses and governments around the world. However, what gives this ransomware teeth is that it took advantage of a vulnerability in Microsoft operating systems that has been public knowledge. Anyone who was using an operating system newer than Windows XP, could have simply patched their workstation and their only risk was to click on a link they shouldn't have. The problem is many people and organizations haven't patched their computers or are still running Windows XP.

Here are the highlights of how WannaCrypt did its damage:

An organization called Shadow Blue released NSA records that contained information about formerly undiscovered vulnerabilities and attack methods.
On March 14, Microsoft released a patch to fix one of those vulnerabilities in newer Windows operating systems.
This past Friday morning, WannaCrypt was released into the wild via phishing email. This probably appeared as a typical ransomware attack, encrypting all the victim's files and demanding a ransom to unencrypt those files.
What makes WannaCrypt so dangerous is that once it has infected one workstation, it has gotten past the firewall of the network that it is on and is then able to use the previously mentioned Microsoft vulnerability to infect hundreds or even thousands of other vulnerable workstations. Windows XP was especially vulnerable because Microsoft hadn't released a patch and had no plans to. However, on Saturday, Microsoft released a patch for Windows XP.
The attack was initially confined to Eastern Europe, Russia and China. However, after pausing for a few hours, appeared to explode all over the world.

For a clearer example of how the attack works: imagine someone in your household opens a phishing email and clicks an inappropriate link infecting their computer. That computer can see all of the other devices on your home network, in turn the infected computer attacks every other device with the Microsoft vulnerability. Other devices do not necessarily have to be PCs, it could be any device on your network running some variant of the Microsoft operating system. Security systems, smart devices, DVR, etc. often use Microsoft Windows as its operating system.

If you would like more information about what your organization can do to fortify its human firewall, please contact your professional at UHY Advisors in Detroit 313 964 1040, Farmington Hills 248 355 0280 or Sterling Heights 586 254 8141.

Our firm provides the information in this newsletter as tax information and general business or economic information or analysis for educational purposes, and none of the information contained herein is intended to serve as a solicitation of any service or product. This information does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisors. Before making any decision or taking any action, you should consult a professional advisor who has been provided with all pertinent facts relevant to your particular situation. Tax articles in this newsletter are not intended to be used, and cannot be used by any taxpayer, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided "as is," with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose.

UHY Advisors, Inc. provides tax and business consulting services through wholly owned subsidiary entities that operate under the name of "UHY Advisors." UHY Advisors, Inc. and its subsidiary entities are not licensed CPA firms. UHY LLP is a licensed independent CPA firm that performs attest services in an alternative practice structure with UHY Advisors, Inc. and its subsidiary entities. UHY Advisors, Inc. and UHY LLP are U.S. members of Urbach Hacker Young International Limited, a UK company, and form part of the international UHY network of legally independent accounting and consulting firms. "UHY" is the brand name for the UHY international network. Any services described herein are provided by UHY Advisors and/or UHY LLP (as the case may be) and not by UHY or any other member firm of UHY. Neither UHY nor any member of UHY has any liability for services provided by other members.