Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 16 May 2017 15:23

Fortinet Urges Organisations in APAC to Take Preventive Measures As Devastation of Massive Ransomware Attack Widens

New ransomware WannaCry infiltrated 57,000 computers across 150 countries; crippled critical industries including healthcare with more to unravel

Sydney, Australia 16 May 2017 – As Ransomware WannaCry and its variants continue their global ‘cyber-siege’ across multiple industries, Fortinet, a global leader in high-performance cyber security solutions strongly advises organisations in APAC region to take immediate steps to protect against the highly virulent ransomware strain.

“Fortinet’s FortiGuard Labs has been monitoring and analysing threat telemetry gathered from over two million sensors around the world. WannaCry and its variants is a highly virulent ransomware strain which is capable of self-replicating. This ransomware is being referred to by a number of names, including WCry, WannaCry, WanaCrypt0r, WannaCrypt and Wana Decrypt0r. It spreads through an alleged NSA exploit called ETERNALBLUE that was leaked online in April 2017 by a hacker group known as The Shadow Brokers. ETERNALBLUE exploits vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) protocol,” said David Maciejak, Director of Security Research at Fortinet.

"WannaCry has infiltrated thousands of organisations around the world, including many key institutions. This ransomware is especially notable for its multi-language ransom demands that support more than two-dozen languages,” added Maciejak. Fortinet’s tracking analysis shows that there has been an average of more than 4,000 ransomware attacks every day since January 1, 2016.

If an organisation has been affected by ransomware, Fortinet strongly advise the following steps to be taken:

1. Isolate infected devices immediately by removing them from the network as soon as possible to prevent ransomware from spreading to the network or shared drives.

2. If your network has been infected, immediately disconnect all connected devices.

3. Power-off affected devices that have not been completely corrupted. This may provide time to clean and recover data, contain damage, and prevent conditions from worsening.

4. Backed up data should be stored offline. When an infection is detected, take backup systems offline as well and scan backups to ensure they are free of malware.

5. Contact law enforcement immediately to report any ransomware events and request assistance

For organisations that have so far been spared a ransomware attack, Fortinet recommends that users and organisations take the following preventive measures:

• Establish a regular routine for patching operating systems, software, and firmware on all devices. For larger organisations with lots of deployed devices, consider adopting a centralised patch management system

• Deploy IPS, AV, and Web Filtering technologies, and keep them updated

• Back up data regularly. Verify the integrity of those backups, encrypt them, and test the restoration process to ensure it is working properly

• Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users

• Schedule anti-virus and anti-malware programs to automatically conduct regular scans

• Disable macro scripts in files transmitted via email. Consider using a tool such as Office Viewer to open attached Microsoft Office files rather than the Office suite of applications

• Establish a business continuity and incident response strategy and conduct regular vulnerability assessments

“Fortinet addresses organisations’ cyber security challenges with an intelligent Security Fabric that spans the entire network, linking different security sensors and tools together to collect, coordinate, and respond to malicious behavior whenever it occurs,” said Maciejak. “Only by harnessing all their cyber defence resources in a coordinated way can firms effectively fight massive cyberattacks like WannaCry.”

About FortiGuard Labs FortiGuard Labs consists of more than 200 expert researchers and analysts around the world. The researchers work with world class, in-house developed tools and technology to study, discover, and protect against breaking threats. The team has dedicated experts studying every critical area including malware, botnets, mobile, and zero-day vulnerabilities. Service analysts study breaking code and develop mitigation signatures while technology developers continually create new defense engines to combat continually evolving threats through FortiGuard services. FortiGuard Labs uses data collected from around the globe to protect more than 300,000 customers every day.

About Fortinet Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 310,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

FTNT-O

Copyright © 2017 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCloud, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB, FortiVoice and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, binding specification or other binding commitment by Fortinet, and performance and other specification information herein may be unique to certain environments. This news release contains forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.

# # #

Submit a media release