UNCLASSIFIED
ROUTINE
R 161633Z MAY 17
FM CNO WASHINGTON DC
TO NAVADMIN
CMC WASHINGTON DC
INFO CNO WASHINGTON DC
BT
UNCLAS

NAVADMIN 120/17

MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/MAY//

SUBJ/RANSOMWARE WARNING MESSAGE//

REF/A/MSG/FLEETCYBERCOM/132055ZMAY17//
AMPN/Fleet Cyber Advisory SER-003-2017//
POC/BATTLE WATCH CAPTAIN/-/FLTCYBERCOM/-/COMM: 240-373-1477;
NSTS:  962-2314; SIPRNET ADDRESS:  c10f_bwc.fct@navy.smil.mil//

RMKS/1.  Per reference (a), the Navy is tracking reporting on ransomware 
known as WannaCry affecting multiple global governments, businesses, 
universities, and people.  Ransomware is a type of malicious software that 
infects a computer and restricts users' access until a ransom is paid to 
unlock the device.  For the WannaCry infection, the malware use phishing as 
its initial infection vector, luring unsuspecting users to click on infected 
email attachments and links in email to launch the attack.  Once activated, 
the WannaCry ransomware spreads on the network via an unpatched Microsoft 
vulnerability.  Unpatched or out-of-date systems are particularly vulnerable 
to ransomware.  If a single user on a network of unpatched systems becomes 
infected, then the whole network is at risk.

2.  User awareness and vigilance are the most important means to ensure 
network security against cyber threats.  To increase the collective defense 
across Department of the Navy networks, all employees must take the following 
actions:
a.  Do not click on links or download files in emails unless you verify they 
are intended for you.  Do not open email from unknown senders. 
b.  If users encounter suspicious files or files from an unverified or 
unknown entity, do not attempt to open the files.  Contact your Information 
Assurance Manager (IAM) for further guidance.
c.  Digitally sign your emails as well as verify emails sent to you are 
digitally signed prior to reading them.  These actions directly contribute to 
email security.
d.  Personnel accessing webmail or dropbox-like services from a Navy network 
host are reminded of the inherent risk associated with this action. Extra 
individual vigilance must be exercised to ensure risk mitigation.

3.  To protect your personal devices from this and other attacks, keep your 
operating systems, applications, and anti-virus signatures up-to-date.  
Microsoft auto-update and anti-virus auto-update are key to staying abreast 
of the threat.  Microsoft released a patch (MS17-010) in March addressing the 
vulnerability exploited by the WannaCry ransomware.  Users should further be 
aware the phishing attempts described in paragraphs 2a and 2b are also 
directed at personal devices and accounts.  Additionally, it is a computer 
security best practice to regularly backup your personal data to an off-line 
device or cloud based storage in case of computer attack or failure.

4.  Navy users can download free anti-virus software at 
https://infosec.navy.mil/main/home?p=5-1

5.  The Department of Homeland Security previously released information on 
best practices to address ransomware.  That information is available on their 
website at https://www.us-cert.gov/security-publications/Ransomware.

6.  The workforce should be aware that this and any malicious software can 
and frequently morphs - don't let your guard down.

7.  If you suspect your Navy device is infected, contact your local IAM or 
the Fleet Cyber Command Battle Watch Captain for further assistance.

8.  Released by VADM Jan E. Tighe, Deputy Chief of Naval Operations for 
Information Warfare, OPNAV N2N6.//

BT
#0001
NNNN
UNCLASSIFIED//