As part of its ongoing coordination of the global law enforcement response to the WannaCry ransomware attack, INTERPOL has hosted a virtual conference with affected countries.
Immediately following the 12 May attack, information provided by UK authorities via the INTERPOL National Central Bureau (NCB) in Manchester outlining the key malware features and mitigating actions to be taken was circulated to all 190 member countries via an INTERPOL Purple Notice.
The UK’s National Crime Agency also requested INTERPOL to coordinate and conduct an immediate survey of all member countries in order to establish the global impact of the WannaCry malware.
Responses from member countries detailing the actions they have taken are being collated and analysed by a critical incident cell established at the INTERPOL Global Complex for Innovation in Singapore, supported by specialists from its Cyber Fusion Centre.
The virtual meeting – held on May 19, 2017 – enabled specialists to exchange information and provide updates on their investigations.
“We are still in the early stages of this globally significant, complex international investigation,” said Secretary General Jürgen Stock.
“It is essential the full scale and scope of the attack is established if we are to assist member countries deliver an effective response, and put measures in place to prevent future cyberattacks against critical infrastructures,” added Mr Stock.
“Today’s meeting enabled specialists to directly exchange information and update each other on activities in the field which is essential to avoid duplication of efforts and save precious time and resources.
“INTERPOL is uniquely and ideally placed to ensure our member countries’ efforts in dealing with this attack are aligned. Attribution in cases such as this is complicated but vital and may take weeks, or even months, but we will work with police around the world until those responsible for this attack are identified and held to account,” concluded the INTERPOL Chief.
A second Purple Notice issued by INTERPOL containing additional details on the malware provided by the private sector has also been sent to all NCBs for dissemination to national specialized cyber units.
- Ensure security software patches are up-to-date.
- Ensure that systems and computers are running anti-virus software.
- Back-up data in multiple locations, including offline.
- Avoid opening unknown e-mail attachments or clicking on links in spam e-mails.
Additional WannaCry advice
Disable smb v1, and install the Microsoft security patches to prevent WannaCry from spreading within your network.
No More Ransom
There are ways to protect yourself against ransomware, and to protect your data in case you become a victim. In addition, tools are available which can help infected users regain access to their systems.
INTERPOL supports the No More Ransom project which serves as a global resource on ransomware information and provides free access to tools which can decrypt data locked by many different types of ransomware.