A critical and widespread ransomware attack is affecting Microsoft Windows operating systems.
The ransomware, known as WannaCry, WCry, or Wanna Decryptor, encrypts most or all of the files on a user’s computer, making the files inaccessible. The ransomware demands $300 in bitcoin in order to decrypt the files and make them accessible again.
The attack was discovered the morning of Friday, May 12, 2017, according to the United States Computer Emergency Readiness Team (US-CERT). The virus had reached more than 200,000 computers as of the morning of Monday, May 14, 2017, and continued to spread, according to published reports.
US-CERT says the hacker or hacking group behind the attack is gaining access to enterprise servers through Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows Server Message Block (SMB) vulnerability.
There is no impact to Essent products and services.
Essent was aware of this problem from its announcement and immediately took action to verify that no Essent offerings or Facility Management Support (FMS) service subscribers were vulnerable.
All business and commerce products including, but not limited to, EssentOne™, Compass™, SiteBuilder™, PunchOutNow™, Direct2Decoration™, and OrderTrax™ are not affected. The Essent Commerce Cloud™ is not affected by this vulnerability. Essent security products, like the Netset™ Network Security Appliance, are not vulnerable to Wanna Cry.
No corrective action is required as it pertains to Essent offerings or Facility Management Services (FMS).
Those who have non-Essent offerings or facilities that may be affected by the vulnerability can download Microsoft security updates. Microsoft has released security patches for its SMB Server as well as its Windows XP, Windows 8, and Windows Server 2003 operating systems. Verify your systems have a current backup. Contact your IT service provider as soon as possible to remediate vulnerable systems.
Exploits that follow the patterns and practices of WannaCry are expected to grow. Discontinue use of End of Life (EOL) products, like Windows XP as soon as possible.
In general, Essent recommends using up-to-date and supported servers, operating systems, software, and web browsers as these employ the latest security and continue to be supported by their providers. Outdated, legacy, unsupported, and End of Life (EOL) technology is inherently more vulnerable because providers typically do not update its security to protect against new vulnerabilities.
Get the latest Essent Support Notices delivered right to your email inbox.
Essent is the leading provider of fully-integrated business management software solutions and services for process-intensive industries and the largest trading network for the promotional products industry. The Essent family of fully-integrated products and services combines best practices, business processes, software automation, and network communications to deliver unparalleled, unified business management solutions. Since 1980, Essent has offered the systems, service, software, and support critical to success in today's highly-competitive marketplace.