It is what every organization fears. Every single one of your files has been locked. No one can access the network, and some shady hacker from who knows where is demanding money now in exchange for the return of your valuable files. That is exactly what WannaCry is doing, a ransomware that has been targeting businesses in both hemispheres.
Released a few weeks ago by a hacker crew called Shadow Brokers, WannaCry is rapidly spreading across the globe thanks to the leaked National Security Agency (NSA) tool EternalBlue. This EternalBlue component is what makes this newest ransomware attack so concerning. With its worm-like functionality, EternalBlue has the capabilities to scan the entire internet and locate other vulnerable, unprotected devices, and quickly infect them. Compared to a weapon of mass destruction, EternalBlue can spread like wildfire once it infiltrates an unpatched computer.
The Many Victims of WannaCry
While not isolated to a single country, this ransomware has hit the UK particularly hard—especially its hospitals. It has caused entire ward closures, staff being sent home, and patients being turned away. Sixteen hospitals were reportedly hit and advised patients to look elsewhere for treatment. Ambulances were also diverted to unaffected hospitals, while some hospitals only accepted patients in critical or life-threatening situations.
As UK hospitals scrambled to maintain and divert operations, other nations (at least 11) started experiencing the ransomware attack. WannaCry began surfacing in Russia (one of the hardest hit countries), Spain, the U.S., and China, hitting enterprise giants like Telefonica and FedEx. Shadow Brokers are demanding affected companies pay upwards of $300 to remove the ransomware from computers, or else their files stay locked, and their computers remain unusable. Earlier this month, as many as 150,000 devices were deemed vulnerable, which means WannaCry is expected only to worsen.
Protect Your Business from WannaCry Ransomware
If enterprise giants like FedEx and Telefonica have been hit, you can bet small and medium-sized companies will not be exempt from the victim list. Unless you have superior security solutions, brace yourself.
To avoid wild ransomware attacks such as WannaCry, businesses need to invest in a quality security solution such as CylancePROTECT. This advanced threat protection blocks threats in real time before they can do any damage to your business. Easily secure your entire infrastructure from system and memory-based attacks, malicious files, malware, scripts, and other unwanted programs. Cylance threat researchers continuously investigate new threats as they arrive to ensure CylancePROTECT can fully block every new variant out there, so you do not have to worry, and your business does not have to upgrade.
In addition to having proper security solutions in place, end-users should also keep software up-to-date, which includes operating systems. They should also be able to identify and avoid dangerous web locations. One of the most important things an organization can do is educate their end-users. Teach them how to detect phishing emails, infected banners, spam emails, and other online threat attempts.
With the EternalBlue component of WannaCry, this ransomware is not isolated by any means. As such, organizations everywhere need to buff up their security solutions and implement additional measures to ensure this ransomware and future variants do no harm to their operations.