Wednesday, May 17, 2017

WannaCry Ransomware - Lessons Learned



WannaCry (or WannaCrypt) is a new malware that hit over 200,000 computers in over 150 bcountries late last week (May 12, 2017). This malware encrypts files on the infected machine, making them inaccessible. What make this a significant cause for concern, is that it was the first time ransom-ware had the ability to spread automatically on a computer network, to other vulnerable computers. That means an entire network could become infected, as a result of the action of a single user clicking on an email attachment.

Fortunately, a temporary solution was identified to halt the spread of the malware, by registering a specific domain that the malware was trying to connect to. However, new versions have since been released by malware authors, which ignore this domain.