A massive cyberattack has been spreading across the globe since Friday May 12th. The WannaCry malware has hit hundreds of thousands of computers and is disrupting major government and corporate IT operations. Reports of WannaCry attack started coming in as the week closed. There were also reports of a security researcher who had discovered a “kill switch” for this ransomware on Saturday. The reports claimed that the kill switch stopped the ransomware from spreading. However, that is only partly true even if it slowed down the WannaCry attacks.
The kill switch only closed some of the ways in which the malware could spread. More security researchers reported within a matter of hours that new versions of the malware had been found that could not be stopped by the kill switch. As the weekend was coming to a close, experts were expecting new reports of infections as soon as people got back to work on Monday, May 15th.
WannaCry attack is a ransomware attack. Ransomware is a growing category of extremely potent malware. Once it takes control of a machine, it reads the file system and encrypts files on it, making them inaccessible. It asks the owner to pay a ransom in Bitcoin in exchange for it to unlock the files for the user.
WannaCry ransomware mainly exploits the vulnerability present in the Microsoft’s implementation of Server Message Block (SMB) protocol. Accelerite Sentient provides a way for enterprises to detect vulnerabilities which can put them at risk from attacks such as the WannaCry attack, and remediate the situation within a matter of minutes. Radia can help remediate and apply latest patches on PCs, which helps prevent such attacks from occurring within the corporate environment.
Learn more on how to use Radia and Sentient to prevent the ransomware attack from spreading by visiting the KB article on our support portal.
You can read more about WannaCry attack here: