On May 13th, 2017, the world was hit by a global ransomware attack that affected major media outlets and organizations. The attack, known as WannaCry, quickly became a hot topic in the news and left many wondering how they could protect themselves from future threats.
Today, we’ll discuss the WannaCry attack, what it means for businesses and individuals, and how you can take proactive steps to protect yourself from similar threats in the future.
Details of WannaCry Ransomware Attack
It has been an interesting couple of days, starting with the initial news of a global ransomware attack on major media outlets on Friday, Mat 13th, 2017. The topic has been on the agenda of global news channels (CNN), newspapers (Wall Street Journal), as well as local security websites (Krebs on Security), and newsletters. By late Friday, we were all familiar with the now infamous screen informing the victim that his/her files have been encrypted and requesting a ransom payment to recover the files.
A lot of information is out there regarding what this threat is and how it works. I found these links especially useful in working with our clients to help them protect their systems from falling victim to this global threat:
- Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware by Troy Hunt
- How to Accidentally Stop a Global Cyber Attacks by MalwareTech
WannaCry Ransomware Attack
This article may interest you: What is Cloud Security?
Although the spread of the malware appeared to slow down due to the kill switch described in the article above from Malwaretech, a new version that was not impacted by this kill switch was already reported to be seen in the wild by Sunday.
By Monday, May 15th, we had reports of hundreds of thousands of machines infected worldwide, from individual home users to global corporations like FedEx Corp, Renault, Nissan, and Telefonica among them. The German rail operator Deutsche Bahn was an example of how an IT incident can cripple critical infrastructure.
Global Effects of WannaCry Cyber Attack
It was interesting to see that the ransomware was using a known Windows vulnerability that Microsoft issued a patch on March 14th with the MS17-010 Critical Security Bulletin. This showed us once more how critical it is to have a proactive and regular Vulnerability and Patch Management process. We have observed that our clients who have implemented automated and integrated security processes and solutions were not impacted by this global threat.
The importance of the following initiatives was once more proven in the field:
- Ongoing Vulnerability Scanning and Remediation
- Automating Windows Updates
- End-point Security and Anti-Virus
- End-user Security and Phishing Awareness
The WannaCry cyberattack caused NHS operations to cease for several days, affecting hospitals and GP surgeries across England and Scotland
Conclusion
At PurpleBox, we remain committed to helping our clients stay ahead of the curve when it comes to cybersecurity, and we encourage all of our readers to take steps to protect themselves from the ever-evolving world of cyber threats. If you would like to learn more about how you can protect your business from similar threats in the future by implementing proactive and automated solutions, please get in touch with PurpleBox, or check out our Vulnerability Management services.