Vorsite Cloud Services

WannaCry Ransomware Runs Rampant – New Variants Found

Written by cloudservicesforbusiness | May 16, 2017

This past Friday, a new ransomware threat burst onto the scene globally in what was described as an attack “unprecedented in its scale.” Before the original version was stopped by a young, anonymous digital security expert, it had brought England’s National Health Service to its knees. It forced medical staff to resort to keeping paper records as large swaths of their computers were locked up with their files encrypted.

French automaker Renault saw factories sitting idle for the same reason, and as the day wore on, the news only got worse.

The security expert who saved the day did so by finding and exploiting a weakness in the code the hackers were using, which allowed him to take control of a “kill switch” that only the hackers were supposed to have access to. However, he warns that another attack is almost certain to occur once the hackers have corrected their mistake.

The malware works by exploiting a flaw in the venerable Microsoft XP operating system, which is still in surprisingly widespread use, despite the fact that Microsoft formally ended support for the aging OS back in 2014. The attack was so severe that Microsoft took the unusual step of issuing an emergency patch to protect XP users, who are advised to update their software immediately.

Already, two new strains of the WannaCry malware have been discovered in the wild, one of which has no kill switch at all. Fortunately, this variant isn’t fully functional yet, which gives XP users at least a little time to patch their systems before the next attack occurs.

If you are infected, WannaCry, as with other forms of malware, will encrypt all your files and demand a payment in Bitcoin. Your choices are to pay the ransom and get the unlock key, which never guarantees that your files will be decrypted or that you will be safe from future attack, or to restore your system from backup, assuming you have a recent one. Ensuring that all of your systems are updated and that you have defenses against these types of attacks, as well as proper backups, is critical. Please give our team a call if you have any concerns about this or any other security issues.