Security notification - WannaCrypt Ransomware cyber attack

May 29, 2017
Toshiba Corporation

Since May 12, 2017, the impact of the Ransomware called WannaCrypt (or WannaCry, WCry, Wanna Decryptor) has spread all over the world. This notification is to broadly inform to the customers of Toshiba products / systems (social infrastructure systems, enterprise information systems, business products and consumer products, etc.) about the impact and recommended countermeasures on WannaCrypt Ransomware.
(This notification does not report on the actual impact or damage to Toshiba products.)

Affected Products
Products using Microsoft® Windows® operating systems

WannaCrypt exploits Microsoft® Windows® file sharing vulnerability to infect. Once a system is infected, it encrypts the file and requests ransom (by bit coin) as decryption fee.

Recommended countermeasures
Toshiba Corporation recommends several countermeasures to protect your systems from cyber attacks, but not limited to:
- Install the latest Microsoft security patches on your Windows
- Update your antivirus software and its pattern file
- Take a backup of your system
- Don’t open any suspicious attached files and URLs of external site including e-mail
- Notify to employees on the malware and security countermeasure
If infected, the following actions are required:
- Restore from previously collected backup of your system

More Information
- ICS-CERT: ” Indicators Associated With WannaCry Ransomware”
- Microsoft (MS) Customer Guidance for WannaCrypt Attacks
- Microsoft (MS) WannaCrypt ransomware worm targets out-of-date systems

Legal Disclaimer
This notification does not indicate explicitly or implicitly any kind of guarantee or warranty, including the suitability of Toshiba products.