Skip to Main Content

Overview

May 2017 - The United States Computer Emergency Readiness Team (US-CERT) has received multiple reports of “WannaCry” ransomware infections in many countries around the world. Some of the observed attacks use common phishing tactics including malicious attachments.

What to Know:

  • Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.
  • Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.
  • Consumers are at risk if their operating system updates and security applications are not current.
  • KeyBank has technical controls in place to mitigate this exploit and is closely monitoring the situation.

What to Do:

  • Immediately deploy the security update associated with Microsoft Security Bulletin MS17-010, if you have not done so already. If you have automatic updates enabled or have deployed this update, you are already protected from the vulnerability these attacks are trying to exploit.
  • Increased vigilance is required to recognize potentially suspicious emails from untrusted or unknown sources; always stop and think before clicking an email link or an attachment.
  • Use these additional tips provided by the National Cyber Security Alliance to help prevent ransomware infections:
    • Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
    • Lock down your login: Strong authentication — requiring more than a username and password to access accounts — should be deployed on critical networks to prevent access through stolen or hacked credentials.
    • Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
    • Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.
  • Please report any ransomware incidents to the Internet Crime Complaint Center (IC3).
  • For Key clients or businesses, if you responded to a suspicious email and have detected any suspicious activity on your KeyBank account, immediately contact Key’s Fraud & Disputes Hotline at 800-433-0124.
  • For non-Key Clients: If you responded to a suspicious email and have concerns regarding your personal or account-related information, immediately contact your financial institution.

This material is presented for informational purposes only and should not be construed as individual advice.

KeyBank does not provide legal advice.

Back to Top