Security notification - WannaCrypt Ransomware cyber attack
May 29, 2017
Toshiba Corporation
Since May 12, 2017, the impact of the Ransomware called WannaCrypt (or WannaCry, WCry, Wanna Decryptor) has spread all over the world. This notification is to broadly inform to the customers of Toshiba products / systems (social infrastructure systems, enterprise information systems, business products and consumer products, etc.) about the impact and recommended countermeasures on WannaCrypt Ransomware.
(This notification does not report on the actual impact or damage to Toshiba products.)
Affected Products
Products using Microsoft® Windows® operating systems
Summary
WannaCrypt exploits Microsoft® Windows® file sharing vulnerability to infect. Once a system is infected, it encrypts the file and requests ransom (by bit coin) as decryption fee.
Recommended countermeasures
Toshiba Corporation recommends several countermeasures to protect your systems from cyber attacks, but not limited to:
- Install the latest Microsoft security patches on your Windows
- Update your antivirus software and its pattern file
- Take a backup of your system
- Don’t open any suspicious attached files and URLs of external site including e-mail
- Notify to employees on the malware and security countermeasure
If infected, the following actions are required:
- Restore from previously collected backup of your system
More Information
- ICS-CERT: ” Indicators Associated With WannaCry Ransomware”
https://www.cisa.gov/news-events/ics-alerts/ics-alert-17-135-01i
- Microsoft (MS) Customer Guidance for WannaCrypt Attacks
https://msrc.microsoft.com/blog/2017/05/customer-guidance-for-wannacrypt-attacks/
- Microsoft (MS) WannaCrypt ransomware worm targets out-of-date systems
https://www.microsoft.com/en-us/security/blog/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
Legal Disclaimer
This notification does not indicate explicitly or implicitly any kind of guarantee or warranty, including the suitability of Toshiba products.