Essent and its Products and Services Unaffected by WannaCry Ransomeware


Problem

A critical and widespread ransomware attack is affecting Microsoft Windows operating systems.

The ransomware, known as WannaCry, WCry, or Wanna Decryptor, encrypts most or all of the files on a user’s computer, making the files inaccessible. The ransomware demands $300 in bitcoin in order to decrypt the files and make them accessible again.

The attack was discovered the morning of Friday, May 12, 2017, according to the United States Computer Emergency Readiness Team (US-CERT). The virus had reached more than 200,000 computers as of the morning of Monday, May 14, 2017, and continued to spread, according to published reports.

US-CERT says the hacker or hacking group behind the attack is gaining access to enterprise servers through Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows Server Message Block (SMB) vulnerability.


Essent Service Impact Analysis

There is no impact to Essent products and services.

Essent was aware of this problem from its announcement and immediately took action to verify that no Essent offerings or Facility Management Support (FMS) service subscribers were vulnerable.

All business and commerce products including, but not limited to, EssentOne™, Compass™, SiteBuilder™, PunchOutNow™, Direct2Decoration™, and OrderTrax™ are not affected. The Essent Commerce Cloud™ is not affected by this vulnerability. Essent security products, like the Netset™ Network Security Appliance, are not vulnerable to Wanna Cry.


Corrective Action

No corrective action is required as it pertains to Essent offerings or Facility Management Services (FMS).

Those who have non-Essent offerings or facilities that may be affected by the vulnerability can download Microsoft security updates. Microsoft has released security patches for its SMB Server as well as its Windows XP, Windows 8, and Windows Server 2003 operating systems. Verify your systems have a current backup. Contact your IT service provider as soon as possible to remediate vulnerable systems.

Exploits that follow the patterns and practices of WannaCry are expected to grow. Discontinue use of End of Life (EOL) products, like Windows XP as soon as possible.

In general, Essent recommends using up-to-date and supported servers, operating systems, software, and web browsers as these employ the latest security and continue to be supported by their providers. Outdated, legacy, unsupported, and End of Life (EOL) technology is inherently more vulnerable because providers typically do not update its security to protect against new vulnerabilities.


Share This:
FacebookRedditSlashdotDZoneNetvouzTwitThisLinkedInDiigo