The US is publicly blaming North Korea for the May 2017 ransomware attack, WannaCry. According to AP News:  “The WannaCry ransomware exploited a vulnerability in mostly older versions of Microsoft’s Windows operating system. Affected computers had generally not been patched with security fixes that would have blocked the attack.” Here are some additional sources with information about the WannaCry ransomware attack. CBS News:  “The hackers took advantage of a vulnerability in Microsoft, forcing the shutdown of businesses in 150 countries around the world by encrypting files to make them inaccessible until victims paid a ransom of $300.”  https://www.cbsnews.com/news/white-house-says-wannacry-attack-was-carried-out-by-north-korea/ NPR:  “The White House has publicly blamed North Korea for a ransomware attack in May that locked more than 300,000 computers in 150 countries.”  https://www.npr.org/sections/thetwo-way/2017/12/19/571854614/u-s-says-north-korea-directly-responsible-for-wannacry-ransomware-attack US News & World Report:  “Some of those customers were then targeted with so-called spearphishing emails – infected emails designed to look as if they were from South Korea’s taxation agency, the Korean National Tax Service”  https://www.usnews.com/news/world/articles/2017-12-19/multi-stage-cyber-attacks-net-north-korea-millions-in-virtual-currencies-researchers What is ransomware?  According to Wikipedia – “Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.” How can you protect your company from a ransomware attack?  Make sure your company’s computers are updated with the latest security patches.  Additionally, make sure your users are trained on how to spot a spearphishing e-mail.  Contact ELC Information Security for all your Information Security Awareness training.