What you need to know about the NHS cyberattack

Campaign overview

Create email campaign

Follow these simple steps to create your email campaign in CyanMailer. For a reminder of how to access your account, please call 01268 778555.

  • Open your customised CyanMailer email template
  • Insert HTML code beneath line 26 replacing *** PLACE CODE HERE ***, ensuring you leave the div tags either side.
  • Always update the code first before going back in to amend the next points.

Get the code

plain text

WHAT YOU NEED TO KNOW ABOUT THE NHS CYBERATTACK

Since the news broke on Friday of a huge ransomware attack, which has claimed the National Health Service as one of its highest profile victims, various accounts of this story have been circulating in the media.

The variant, which has reportedly affected over 40 NHS Trusts in England as well as some NHS bodies in Scotland, goes by the name of WannaCryptor (also known as WanaCrypt or Wcry).

WHAT DO WE KNOW SO FAR?

Ransomware is malicious code that, when executed, attempts to encrypt all files it can see on a network, rendering them inaccessible to users. Users are then promise that these files will be unlocked (or decrypted) if a ransom is paid. Unfortunately, there is no guarantee that access will actually be restored if a victim does choose to part with their money.

WannaCryptor spreads via malicious email attachments sent to victims, which once opened, download the payload that encrypts a victim’s data. However, once the encryption is underway, this specific ransomware also exploits a bug in file sharing protocol Windows Server Message Block (SMB) on unpatched or unsupported versions of Windows desktops and servers.

Microsoft first released a patch addressing this vulnerability back in March 2017, although the company generally only makes these security updates available for supported operating systems. But over the weekend, Microsoft took the unprecedented step of releasing an update to fix this exploit on unsupported operating systems

Friday’s attack, which is affecting many other global organisations besides the NHS, highlights the importance of never opening an email attachment you do not recognise and ensuring that all windows operating systems are kept fully up-to-date.

WHAT CAN YOU DO TO PROTECT YOUR STAT?

For more information of ransomware and what your organisation can do to protect its own data, please download our whitepaper entitled: Ransomware: How to protect your business against this growing threat.

For all other enquiries , please call our support team on XXXXX XXXXXX

 

html text
<table border="0" width="650" cellpadding="0" style="border-collapse: collapse; width: 650px; margin: 0 auto;">
 <tr>
 <td align="left">&nbsp;
 </td>
 </tr>
 <tr>
 <td style="padding:20px; " align="left" bgcolor="#E1E1E1">
 <p style="margin-bottom: 10px">
 <font face="Arial" color="#333333" size="5">What you need to know about the NHS cyberattack</font> 
 <p style="margin-top: 10px">
 <font face="Arial" color="#333333" style="font-size: 9pt; font-weight:700">Since the news broke on Friday of a huge ransomware attack, which has claimed the National Health Service as one of its highest profile victims, various accounts of this story have been circulating in the media. </font> 
 <p style="margin-top: 10px"><font face="Arial" color="#333333" style="font-size: 9pt; font-weight:700">The variant, which has reportedly affected over 40 NHS Trusts in England as well as some NHS bodies in Scotland, goes by the name of WannaCryptor (also known as WanaCrypt or Wcry). </font><font face="Arial" color="#333333" style="font-size: 9pt; font-weight:700"></font> </td>
 </tr>
 <tr>
 <td>
 <table border="0" width="100%" cellpadding="0" style="border-collapse: collapse">
 <tr>
 <td colspan="2" align="left" valign="top" style="padding-right: 20px; padding-bottom: 25px; padding-left:20px; padding-top:25px">
 <p>
 <b><font face="Arial" color="#333333">What do we know so far? </font></b>
 <ul>
 <li>
 <font face="Arial" style="font-size: 9pt" color="#666666"> Ransomware is malicious code that, when executed, attempts to encrypt all files it can see on a network, rendering them inaccessible to users. Users are then promise that these files will be unlocked (or decrypted) if a ransom is paid. Unfortunately, there is no guarantee that access will actually be restored if a victim does choose to part with their money. </font></li>
 <li><font face="Arial" style="font-size: 9pt" color="#666666">WannaCryptor spreads via malicious email attachments sent to victims, which once opened, download the payload that encrypts a victim’s data. However, once the encryption is underway, this specific ransomware also exploits a bug in file sharing protocol Windows Server Message Block (SMB) on unpatched or unsupported versions of Windows desktops and servers. </font></li>
 <li><font face="Arial" style="font-size: 9pt" color="#666666">Microsoft first <a href="https://technet.microsoft.com/en-us/library/security/ms17-010.aspx">released a patch</a> addressing this vulnerability back in March 2017, although the company generally only makes these security updates available for supported operating systems. But over the weekend, Microsoft took the unprecedented step of releasing an update to <a href="https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/">fix this exploit on unsupported operating systems</a> too. </font></li>
 <li><font face="Arial" style="font-size: 9pt" color="#666666">Friday’s attack, which is affecting many other global organisations besides the NHS, highlights the importance of never opening an email attachment you do not recognise and ensuring that all windows operating systems are kept fully up-to-date. </font><font face="Arial" style="font-size: 9pt; font-weight: 700" color="#333333"></font></li>
 </ul></td>
 </tr>
 <tr>
 <td width="60%" align="left" bgcolor="#800000" style="padding:20px; ">
 <p style="margin-bottom: 10px">
 <b><font face="Arial" color="#FFFFFF">What can you do to protect your stat?</font></b><p style="margin-top: 10px">
 <font face="Arial" color="#FFFFFF" style="font-size: 9pt; font-weight:700">
 For more information of ransomware and what your organisation can do to protect its own data, please download our whitepaper entitled: Ransomware: How to protect your business against this growing threat. </font> 
 <p style="margin-top: 10px"><font face="Arial" color="#FFFFFF" style="font-size: 9pt; font-weight:700">For all other enquiries, please call our support team on XXXXX XXXXXX </font><font face="Arial" color="#FFFFFF" style="font-size: 9pt; font-weight:700"></font></td>
 <td width="40%" align="left" bgcolor="#800000" style="padding:20px; "><a href="https://www.itmf-toolkit.co.uk/new/wp-content/uploads/2017/05/Whitepaper-0417-Ransomware-a-guide.docx"><img src="http://c1948902.cdn.cloudfiles.rackspacecloud.com/36108-button-1.png" width="213" height="69" alt=""/></a></td>
 </tr>
 <tr>
 <td colspan="2" align="left" valign="top">&nbsp;
 </td>
 </tr>
 </table>
 </td>
 </tr>
 </table>

Personalise the calls to action

The following should be actioned within CyanMailer
  • Locate line 59 in the code and replace XXXXX XXXXXX with your own phone number.
  • Locate line 61 in the code and replace “https://www.itmf-toolkit.co.uk/new/wp-content/uploads/2017/05/Whitepaper-0417-Ransomware-a-guide.docx” with the link to your branded version of the whitepaper.
  • Always remember to amend the plain text version with all your own company details as well.