The Department of Homeland Security is aware of reports of ransomware known as WannaCry affecting multiple global entities. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Microsoft released a patch in March that addresses this specific vulnerability, and installing this patch will help secure your systems from the threat. Individual users are often the first line of defense against this and other threats, and we encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school. These practices include:
– Update your systems to include the latest patches and software updates.
– Do not click on or download unfamiliar links or files in emails.
– Back up your data to prevent possible loss, whether you are at a family computer or company data.
We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally. DHS has a cadre of cybersecurity professionals that can provide expertise and support to critical infrastructure entities.
DHS also leads the federal government’s efforts to protect civilian executive branch agency systems and networks. In partnership with each agency’s Chief Information Officer we are ensuring our own networks are protected against the threat.
For more information, DHS has previously released information on best practices to address ransomware. That information is available on our website at https://www.us-cert.gov/security-publications/Ransomware