New strain of Ransomware (WannaCry) affecting numerous PC’s across Europe

Please read the information below regarding a new strain of Ransomware (WannaCry) which has been affecting numerous PC’s and was the cause of the NHS computer shutdown yesterday.

On May 12, 2017 a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware began spreading widely impacting a large number of organizations, particularly in Europe. Wcry is demanding a ransom of $300 to $600 in Bitcoin to be paid by May 15, or, in the event that deadline is missed, a higher fee by May 19. The messages left on the screen say files will remain encrypted. It’s not yet clear if there are flaws in the encryption scheme that might allow the victims to restore the files without paying the ransom.

The initial attack vector has been email, through spam. These messages are typically fake invoices, job offers and other lures which are sent to random email addresses. Within the email is a .zip file and once clicked, that initiates the WannaCry infection.


You should be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on Web links.

Windows Updates

Please also make sure that all Windows updates are installed and up to date.

  • In Windows 10 click the start button and then settings (cog icon) and then press “Check for updates”
  • In Windows 7 go to Control Panel and select the Windows Update icon and then check for updates.

In both cases allow all critical updates to download and install.

If you are affected

If you are affected by this Ransomware you should immediately disconnect your PC from any network connections and contact Firecrest IT Ltd.