RANSOMWARE WARNING MESSAGE:
R 161633Z MAY 17
FM CNO WASHINGTON DC
CMC WASHINGTON DC
INFO CNO WASHINGTON DC
MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/MAY//
SUBJ/RANSOMWARE WARNING MESSAGE//
AMPN/Fleet Cyber Advisory SER-003-2017//
POC/BATTLE WATCH CAPTAIN/-/FLTCYBERCOM/-/COMM: 240-373-1477;
NSTS: 962-2314; SIPRNET ADDRESS: firstname.lastname@example.org//
RMKS/1. Per reference (a), the Navy is tracking reporting on ransomware
known as WannaCry affecting multiple global governments, businesses,
universities, and people. Ransomware is a type of malicious software that
infects a computer and restricts users' access until a ransom is paid to
unlock the device. For the WannaCry infection, the malware use phishing as
its initial infection vector, luring unsuspecting users to click on infected
email attachments and links in email to launch the attack. Once activated,
the WannaCry ransomware spreads on the network via an unpatched Microsoft
vulnerability. Unpatched or out-of-date systems are particularly vulnerable
to ransomware. If a single user on a network of unpatched systems becomes
infected, then the whole network is at risk.
2. User awareness and vigilance are the most important means to ensure
network security against cyber threats. To increase the collective defense
across Department of the Navy networks, all employees must take the following
a. Do not click on links or download files in emails unless you verify they
are intended for you. Do not open email from unknown senders.
b. If users encounter suspicious files or files from an unverified or
unknown entity, do not attempt to open the files. Contact your Information
Assurance Manager (IAM) for further guidance.
c. Digitally sign your emails as well as verify emails sent to you are
digitally signed prior to reading them. These actions directly contribute to
d. Personnel accessing webmail or dropbox-like services from a Navy network
host are reminded of the inherent risk associated with this action. Extra
individual vigilance must be exercised to ensure risk mitigation.
3. To protect your personal devices from this and other attacks, keep your
operating systems, applications, and anti-virus signatures up-to-date.
Microsoft auto-update and anti-virus auto-update are key to staying abreast
of the threat. Microsoft released a patch (MS17-010) in March addressing the
vulnerability exploited by the WannaCry ransomware. Users should further be
aware the phishing attempts described in paragraphs 2a and 2b are also
directed at personal devices and accounts. Additionally, it is a computer
security best practice to regularly backup your personal data to an off-line
device or cloud based storage in case of computer attack or failure.
4. Navy users can download free anti-virus software at
5. The Department of Homeland Security previously released information on
best practices to address ransomware. That information is available on their
website at https://www.us-cert.gov/security-publications/Ransomware.
6. The workforce should be aware that this and any malicious software can
and frequently morphs - don't let your guard down.
7. If you suspect your Navy device is infected, contact your local IAM or
the Fleet Cyber Command Battle Watch Captain for further assistance.
8. Released by VADM Jan E. Tighe, Deputy Chief of Naval Operations for
Information Warfare, OPNAV N2N6.//