Stratasan and Ransomware (Ransom:Win32/WannaCrypt)

Last week there was a global wave of ransomware attacks. One in particular, known as “WannaCry” or “WannaDecrypt” affected multiple entities like Britain’s NHS.

Stratasan’s information security staff has been monitoring the situation as it develops and has confirmed that all relevant security patches have been applied to our workstations, servers, and other devices.

  • Stratasan does not run any Windows servers that are vulnerable to the SMBv1 attacks exploited by Ransom:Win32/WannaCrypt. All accounts and data associated with our web stack are unaffected.
  • All Stratasan employee workstations that run Windows have already automatically applied the patch issued by Microsoft in March (Microsoft Security¬† Bulletin MS17-010).
  • Stratasan employs a network intrusion detection and prevention strategy that ensures this variety of malware is intercepted before reaching our internal network.

Stratasan’s team goes to great lengths to ensure that customer data stays safe and secure. We undergo a security risk assessment by a third party on an annual basis. This includes a comprehensive review of our internal security policies and procedures. We run software that ensures that operating systems, applications, and devices that we use are consistently patched with the latest security updates. We also require all of our employees to complete security training sessions twice a year.

Stratasan will continue to monitor the situation and practice good security habits that ensure we minimize the risk of security incidents.

If you have any questions about our process or how we handle security, feel free to contact us directly.