May 15th, 2017

Protect Yourself From WannaCry and Other Future Threats

WannaCry illustration by Purplebox

It has been an interesting couple of days, starting with the initial news, carried by major media outlets on Friday, May 13th, 2017, of a global ransomware attack. The topic has been on the agenda of global news channels (CNN), newspapers (Wall Street Journal), as well as local security websites (Krebs on Security) and newsletters. By late Friday, we were all familiar with the now infamous screen informing the victim that his/her files have been encrypted and requesting a ransom payment to recover the files.

A lot of information is out there regarding what this threat is and how it works. I found these links especially useful in working with our clients to help them protect their systems from falling victim to this global threat:

Although the spread of the malware appeared to slow down due to the kill switch described in the article above from Malwaretech, a new version that was not impacted by this kill switch was already reported to be seen in the wild by Sunday.

By Monday, May 15th, we had reports of hundreds of thousands of machines infected worldwide, from individual home users to global corporations, FedEx Corp, Renault, Nissan, and Telefonica among them. The German rail operator Deutsche Bahn was an example of how an IT incident can cripple critical infrastructure.

Image shows WannaCry Ransomware Attack screenshot

WannaCry Ransomware Attack

The map illustrates the countries that were affected by the WannaCry cyber attack

Global Effects of WannaCry Cyber Attack

It was interesting to see that the ransomware was using a known Windows vulnerability for which Microsoft had issued a patch on March 14th with the MS17-010 Critical Security Bulletin. This showed us once more how critical it is to have a proactive and regular Vulnerability and Patch Management process. We have observed that our clients who have implemented automated and integrated security processes and solutions were not impacted by this global threat. The importance of the following initiatives was once more proven in the field:

  • Ongoing Vulnerability Scanning and Remediation
  • Automating Windows Updates
  • End-point Security and Anti-Virus
  • End-user Security and Phishing Awareness

WannaCry cyberattack caused NHS operations to cease for several days, affecting hospitals and GP surgeries across England and Scotland

If you would like to learn more about how you can protect your business from similar threats in the future by implementing proactive and automated solutions, please get in touch with PurpleBox.
