PrintNightmare ransomware attack closes businesses

What is the PrintNightmare vulnerability

A bug found in all Windows operating systems allows full 'top level' access to compromised computers.

The biggest, currently known (as of Sunday the 4th of July 2021 - 11am GMT) attack initiated in the USA when the IT management software company Kaseya saw certain version of it's software become infected with ransomware. The ransomware was delivered to systems using the PrintNightmare vulnerability that Microsoft has not yet patched.

Should you care

While the attack seemed to be initially limited, reports this weekend show that the impact has escalated. This included a BBC report (find the report here) detailing how around half of Sweden's Coop shops have had to close after becoming impacted by software used by one of their suppliers.

It should be said that your system should have already been compromised in order for the hackers and criminals to take advantage of this bug in the Windows operating system. But don't be complaisant, ransomware is very powerful and this threat is currently not patched!

What to do

Always keep a secure backup of your data (read here for information on that)

Disable the print spooler service on your PC and server until a patch is available

Follow our video on how to do that here

Keep your Windows computers up to date with the latest patches

Contact us if you are a business and have been impacted by this

If you would like further information or are a business looking for IT assistance, please call us on 01943 666 711 or email us on support@cactus-it.co.uk

Posted in News.