Security alert - WannaCry Ransomware

Dynatrace is not impacted by the recent WannaCry ransomware global outbreak; however, we wanted to update our customers and partners about our response.

Immediately after the first public reports, Dynatrace’s security and operations launched an investigation into the vulnerability of its services and systems. Our initial assessment verified that through our continuous security patching process, employee, internal, and backend SaaS systems were properly patched to the recommended security patches and not vulnerable.

We go to great lengths to protect our customer’s security, privacy, and data, and as such, we leverage a multi-layer approach to security. We are proud to have SSAE 16 / SOC 2 compliance attesting to our comprehensive approach to security and safeguarding our customers’ information.

While Dynatrace software is not directly affected, nor vulnerable, customers are strongly encouraged to perform their own assessment to the vulnerability of their environments wherever Dynatrace software is installed and take appropriate corrective actions. More information about this attack and ways you can protect yourself from it can be found at Microsoft’s TechNet blog.

We continue to monitor the situation and will provide additional details as necessary. If you have any other questions or concerns, please contact Customer Support at dynatrace.com/support.

Q&A

Q: Is Dynatrace vulnerable to the WannaCry ransomware attack?
A: Dynatrace has not been impacted by this attack. All backend systems running our cloud/SaaS solutions run on hardened and secured Linux-based operating systems or operating systems not vulnerability to this attack. We will maintain continual assessments and will be vigilant during this time.

Q: When did Dynatrace take its first steps to response to this attack?
A: Immediately after this outbreak was reported we began assessing.  Starting around 2:00pm ET on May 12th, we reviewed all the security patches applied to employee, internal, and backend SaaS systems for the affected operating systems. Since Dynatrace has a continuous security patch management policy and system, all systems were patched and found not vulnerable. We also pushed out the latest anti-virus updates from our anti-virus provider to take a proactive posture to this attack.

Q: Were any of Dynatrace’s systems compromised?
A: No. Through the use of our intrusion detection and prevention systems, system and access logs, as well as internal employee communications, no systems were reported to be compromised. We continue to have a heightened sense of awareness to the situation in order to quickly respond should we find a system compromised.

Q: What security precautions does Dynatrace implement to ensure its customer data is secured?
A: Dynatrace employs a holistic approach to security and data protection. This includes physical, network, system, application, and employee/vendor assessment and education. We leverage the latest in intrusion detection and prevention systems, stateful firewalls, log analysis and auditing, and continue security testing both internally and external third-party vendors. We are proud to have attained SSAE 16 / SOC 2 compliance as a means to demonstrate publicly and our customers our commitment to safeguarding our systems and customer data.

Q: As a Dynatrace customer, what should I do now?
A: As it relates to Dynatrace’s services and products, there is nothing you need to do.  We continue to be monitor the situation and will respond quickly as necessary. It is always a good idea to use situations like this to assess your own security policies and practices and ensure you are prepared should the next cyber attack occur.

There is good information about WannaCry available from governmental sources such as the United States Computer Readiness Team (US-CERT), or European Union Agency for Network and Information Security (ENISA).

Microsoft has also provided information specific about WannaCry at their TechNet blog. To download the necessary security patches, go to ms17-010.

There a lot of great sources of information about best security practices that can be found online. Some we recommend are from: Amazon, Microsoft, VMware, Docker.