The post below is a copy of an email I sent to clients and friends updating them on Wannacry. It's posted here to verify authenticity.
Early Saturday morning you received an urgent update from me regarding the WannaCry threat. I wanted to take a moment and provide you with a further update and some clarification.
Firstly, many of you (over 400), contacted me to verify the legitimacy of the email. You did the right thing. My apologies for any confusion or concern I may have caused. Because we used our mass email tool for the first time, many of you didn't recognize the from address ([email protected]) and it didn't match with my email address. I've taught many of you that this is a classic sign of spam.
I also included a link to a third party site in the original email, Bleeping Computer, the link didn't match the name. This is also usually a clear sign of spam. In this case, our mass email to converted the link to a link that is trackable, an error on my part.
I'll be posting a copy of this email to our blog so you can verify authenticity. Some of you may be asking why I used a mass email tool to send the warning. It would have taken over 20 hours to send the email (no more than 50/hour) to more than 2K contacts. If I had tried to accomplish faster, the email would have likely been blocked as spam. The mass email tool allowed me to communicate quickly.
To verify the legitimacy of this and future email please visit our web site and click on the blog link in the top left had corner. Shortly after sending this email, I will be posting a copy of it to the blog. Alternatively, you can email me directly, you have my address and I will respond ASAP. Based on the number of email I received from the last email I received (over 400), it could take me a while to respond, but I will.
Now for an update.
Our anti-virus company (Webroot) has confirmed that they now protect against know variants of WannaCry. This doesn't mean that new variants will not be created, so we still need to be vigilant.
Also, Microsoft has released patches for Windows XP and Server 2003. This was unexpected, but certainly welcome as some industries are still running these outdated operating systems that usually do not receive updates. If you have some of these old devices, you need to make sure you update today. If we have access to these devices and manage them, we will be updating them for you.
As I mentioned earlier, we will continue to use a mass email tool to communicate these types of messages in the future. We will also post the message to our blog so you can verify authenticity. If you prefer, you may also want to follow us on twitter or Facebook. In the future, we will post these alerts there as well.
Yours in business,