Update: New Wave of WannaCry Ransomware Spreads to 150 Countries
Today, Monday, the 15th, the ransomware “WannaCry”spread to 150 countries worldwide. The attack reached Asia as thousands of employees logged in to their computers at work.
The malware immobilized computers across multiple industries including logistics, government, finance and healthcare. Fed Ex Corporation in the US was among one of those hit. Many companies are still trying to recover from the first attack on Friday.
The ransomware, named “WannaCry,” locks down all the files on an infected computer and asks the computer’s administrator to pay to regain access. The ransomware evolved from a Microsoft Windows vulnerability called “EternalBlue.” (Microsoft released a patch for this in March.) If a payment is not made within six hours, the ransom goes up. This is one of the largest cybersecurity events the UK has ever seen. Sixteen National Health Service (NHS) organizations in the UK have been hit, forcing some hospitals to tell patients to avoid emergency departments if possible. Spanish telecom company Telefónica was also hit with “WannaCry.”
Protect Yourself and Your Business
Companies should immediately apply the patch released in March to all systems to prevent “WannaCry” from infecting their organization. When the ransomware infects a new machine, it actively seeks out PCs on the same internal network. This could happen while you’re sitting in an airport lounge, wirelessly connected and waiting for your plane. A single infected PC can spread the attack to all the others who don’t have the patch applied. After that, it’s off to infect other individuals and companies. If you are an individual computer owner, you’re protected only when you have up-to-date software with automatic updates turned on.
Training your staff to recognize these attempts can help protect your organization from attack. When you educate your employees about sophisticated phishing and ransomware attacks, you are performing the most effective countermeasures available to you. A staff that knows what to look for is your best ally in defeating these global cybercriminals. Security Awareness Services from Dynamic Quest combine training and systematic follow-up to shore up your data defenses.