May 19, 2017
Digital Arts Inc.
Protect Against WannaCry Ransomeware
WannaCry ransomware spread across the globe and many Japanese Tier 1 corporations are also starting to report that they have been exposed. What can Digital Arts solutions do to help you deal with the recent attack?
What is WannaCry?
WannaCry is a type of Ransomeware where after infecting the client terminal encrypts all files inside the device and demands a payment (ransome) in bitcoin in order to decrypt the files. 166 known file extensions can be encrypted with this Ransomware.
How do we get infected?
There are two currently known ways of being infected by WannaCry Ransomeware:
A. Computer with an open firewall port (port:445) that is externally accessible and running on a Windows OS where SMB MS17-010 vulnerability is attacked, and ransomeware implants a backdoor.
B. User executes malware file attached to an email message on client device.
What can we do?
1-a. Close firewall port and stop unnecessary network file sharing. Confirm any suspicious external access.
1-b. Run Windows security update to apply a patch on the SMB vulnerability.
※Also refer to
2. Use the following features available on m-FILTER Ver.4.80R01 or later to confine infection to the client from email messages:
- delete attachments
- disable URL links
FinalCode, Digital Arts’ file security solution, offers strong encryption and protection to files with a file extension unique to FinalCode. FinalCode is a valid way to protect your files, because its file extension is not included in one of the 166 file types that WannaCry is capable of encrypting.