Call us on 01224 825 678


« Return to Articles

Wannacrypt ransomware precautions

The Wannacrypt ransomware that significantly impacted a number of systems throughout the world including the NHS has the potential to escalate when people return to work on Monday. At present we are not aware of any infections on systems that we support and we hope that continues.

As a precaution we have taken the following action:

  • For all of servers that we support on a fixed price basis we have moved forward our normal 3rd and 4th Wednesday evening of the month security patch updates and ran the May patches over-night on Friday. Apologies for disrupting your systems outside the normal update periods but we felt it prudent to take this action.
  • All virus vendors have released updates which should prevent the malware from spreading but it will not necessarily protect systems from new variants that are likely to spring up quickly next week. We have triggered virus updates and virus scans on all of the fixed price systems that we look after

Monday actions and activities

  • We will be closely monitoring systems on Monday and hope that there will be no malware activity that causes any problems
  • In the event that there is we will enact our major incident process which will mean the following:
    • We will postpone all non-urgent jobs and tasks
    • We will NOT attempt to fix any issue directly over the phone. Normally we will immediately try to help but during major incident’s we have to keep the phones and engineers clear so we revert to a log a ticket and triage basis. We will get to your issue, just not immediately.
  • If a system gets infected on your network we will shut-down your server(s) as well as the infected device(s)
  • Priority will be given to the systems as below:
    1. Servers under our fixed price support service
    2. All other devices\people covered by our fixed price support service
    3. Servers covered on a bank of hours basis
    4. All other devices\people covered on a bank of hours basis
    5. All devices\people covered on an ad-hoc basis

We normally treat bank of hours and ad-hoc customers the same way as those on our fixed price service but give priority to fixed price service customers where relevant. During a major incident all fixed price systems are given priority over everything else including servers covered on an ad-hoc or bank of hours basis

Can you all please:

  • Do not open attachments sent to you in email where you do not know the sender or have not requested the attachment
  • If you receive an attachment from someone you know do not necessarily open it, check the format and tone of the message if it doesn’t “feel” right then do not open the attachment check with the sender
  • There are likely to be variants of the original virus coming out over the next few days which will inevitably result in a an increased number of fake emails that look like they come from HMRC, Apple, Microsoft, CEO’s or high profile personnel from companies which may include people that you know. Please be careful if the emails contain attachments or links
  • There are already a number of “fix your Wannacrypt infected system” emails and web links claiming to protect you when they actually simply infect your system with other malware. Do not click on these links