WannaCry Holds Data Hostage

    June 19, 2017

    How to prepare for, detect and mitigate ransomware risks

    In a cyber event that brought those in charge of security to near tears, the ransomware called WannaCry encrypted files on infected systems while attackers demanded payments before releasing data and allowing organizations to regain control.

    Given the speed of its spread and the breadth of its scope, many are considering it the world’s largest cyber attack ever as its effect rippled across 150 countries and an estimated 300,000 machines.1

    The ransomware, a form of malware, exploited a vulnerability in some Windows-based operating systems. Although Microsoft had released a critical security patch in March, many victims hadn’t updated their computers and networks soon enough to be protected from the May 12th attack, leaving them exposed to WannaCry and other ransomware risks.

    Widespread damage

    The attack impacted UK healthcare delivery, while disrupting the production and flow of services in some of the largest companies across the globe, including FedEx, Renault and Nissan:

    As part of the National Health Service, some UK hospitals were crippled by the cyberattack, which forced operations to be canceled and ambulances to be diverted2. Health workers reported being locked out of their systems and seeing messages demanding ransom payments to regain access.3

    In the U.S., the ransomware attacks forced the Memphis-based headquarters of logistics giant FedEx to shut down operations Friday4 [the day after the attack].

    Automaker Renault reported that several of its facilities in France, Slovenia and Romania had been hit. Nissan confirmed it had to halt production at one of its facilities, a plant in Sunderland located north of London with 7,000 workers.5

    Others hit included China Government agencies, German Railway Company Deutsche Bahn, Russia's Interior Ministry and Telefónica, one of the world’s largest telecom companies.1

    Beyond patching

    Software patches play a critical role in protecting your organization from ransomware like WannaCry, but they are just one part of a multi-step, defense-in-depth security approach that includes:

    • Preparation: Readying your organization for ransomware attacks
    • Detection: Monitoring and analyzing the IT environment to spot malicious activity
    • Mitigation: Reducing the damages if an attack occurs

    You can read more about defending your data and your business in our new security brief, Attacking Ransomware: Avoiding Threats That Hold Your Data Hostage.



    1 The White House, Office of the Press Secretary, Press Daily Briefing by Press Secretary Sean Spicer #48, May 15, 2017.

    https://www.whitehouse.gov/the-press-office/2017/05/15/press-daily-briefing-press-secretary-sean-spicer-48

    2 CNN.com, Global cyberattack: A Super-Simple Explanation of What's Going On, May 15, 2017. http://money.cnn.com/2017/05/14/technology/global-cyberattack-explanation/

    3 CNN.com, UK prime minister: Ransomware Attack Has Gone Global, May 12, 2017. http://www.cnn.com/2017/05/12/health/uk-nhs-cyber-attack/index.html?iid=EL

    4 LocalMemphis.com, FedEx One Of Many Organizations Targeted In Worldwide Ransomware Attack, May 15, 2017. http://www.localmemphis.com/news/fedex-one-of-many-organizations-targeted-in-worldwide-ransomware-attack/712658836

    5 NBCNews.com, European Car Plants Halted by WannaCry Ransomware Attack. May 15, 2017. http://www.nbcnews.com/business/autos/european-car-plants-halted-wannacry-ransomware-attack-n759496

    Other Posts You Might Be Interested In

    How to Thrive in the Cloud

    A contemporary politician once quipped, “Corporations are people, too,” in the final weeks of a hard-fought campaign. While his comments were controversial at the time, the...

    Crashing websites commonplace during COVID-19. Here’s how businesses can achieve greater resilience

    Crashing websites have been a common impediment for U.S. consumers from the very beginning of COVID-19. According to a study conducted by OnePoll on behalf of Sungard...

    Ransomware attacks against U.S. government entities in 2019 and 2020: 5 key observations and takeaways for municipalities

    U.S. city and county governments were targeted by 106 ransomware attacks in 2019 and 45 in the first half of 2020. But these numbers don’t tell the whole story. Not even...