As many of you are aware, a ransomware attack last week has affected businesses and organizations in over one hundred countries. Known by names such as WannaCry, WCry and Wanna Decryptor, the malicious software uses a vulnerability in Windows Server Message Block version 1 to get access to companies’ servers in order to encrypt specific files.
Companies are then asked to pay hundreds of dollars to get their files back. The amount of money demanded of enterprises to access their files increases within a few days and the files are deleted unless money is sent.
The OCIE (Office of Compliance Inspections and Examinations) issued a formal Risk Alert relating to the ransomware attack. It is important to review this alert with your clients, including the two remedies the OCIE suggests:
- Reviewing the ransomware information and alert issued by the Computer Emergency Readiness Team of the United States Department of Homeland Security.
- Ensuring your organization has the right patches from Microsoft to stop the malicious software. Microsoft issued a patch for the problem in March 2017.
Content provided by Vigilant Compliance, LLC, the full service Global Compliance Firm serving the regulatory needs of investment management clients across the nation and around the world.
Thursday, August 17, 2017 10:52:00 AM