1 min read

Wanna Cry?

Cyber Security -Wanna Cry

>As you may know, on May 12, hackers launched a global ransomware campaign against tens of thousands of corporate and governmental targets. The ransomware encrypts files on an infected computer and asks the computer's administrator to pay a ransom in order to regain access.

The ransomware attack is apparently spreading through a Microsoft Windows exploit called “EternalBlue,” for which Microsoft released a patch in March. That month Fortinet released an initial IPS signature to detect vulnerabilities against MS17-10. This signature specifically looks for SMB type vulnerabilities. Earlier this week, Fortinet updated their IPS signature to further enhance detection. It appears this update detects the ransomware. Today, they released an AV signature that detects and stops this attack. (Third-party testing has confirmed that Fortinet Anti-Virus and FortiSandbox are blocking the attacks.)

We strongly advise customers to take all of the following steps:

  • Apply the patch published by Microsoft on all nodes of the network.
  • Ensure that the Fortinet AV inspections as well as web filtering engines are turned on to prevent the malware being downloaded and to ensure that our web filtering is blocking communications back to the command and control servers.
  • Disable via GPO the execution of files with extension WNCRY.
  • Isolate communication to ports 137 / 138 UDP and ports 139 / 445 TCP in the networks of the organizations.

If you would like more information on how to protect your network, use the link below to register for the Fluid IT Services/Fortinet Security event on June 6, 2017 @12pm:

Register Now

Please feel free to read the latest posts on this subject, published by the FortiGuard Labs team:



American flag on wooden sign national pride

5 min read

National Pride — I Believe There is Hope for Our Future

I'll just come out and say it – the state of our country and the world has me more concerned and generally despondent than ever before. It's not a...

Read More
Evolution of SMB Managed Service Provider

4 min read

Evolution of the SMB Managed Service Provider

Technology services have been around since the beginning of computing, although in more informal and smaller form factors. As the technology evolved,...

Read More
Geography Neutral Remote Workforce IT Support

2 min read

Geography Neutral Remote Workforce IT Support

The global scene has been very interesting and dynamic over the past two and half years. It feels like the seesaw slamming to the ground in one...

Read More