By Marshall Lytle, Joint Staff J6
By John A. Zangardi, Acting DoD Chief Information Officer
We are aware of reports of ransomware known as “WannaCry” affecting multiple global entities.
To increase our collective defenses across the Department of Defense and federal networks, we urge all employees to take three actions:
(1) Do not click on links or download files in emails unless you know for sure they are intended for you.
(2) Ensure your personal devices are updated and patched.
(3) Back up your data so you can recover your systems if they become infected. Microsoft released a patch in March that addresses this issue.
Ransomware is a type of malicious software that infects a computer and restricts users’ access until a ransom is paid to unlock it.
The malware spreads by “phishing” — luring unsuspecting users to click on infected email attachments and links in emails to launch the attack.
Unpatched or out-of-date systems are particularly vulnerable to ransomware.
The Department of Homeland Security has previously released information on best practices to address ransomware. That information is available on our website at: https://www.us-cert.gov/security-publications/Ransomware.
The workforce should be aware that this malware could morph. Do not let down your guard.