The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows
operating system. Specifically, WannaCry spread by using Eternal Blue, an exploit leaked from the
National Security Agency (NSA) Windows that used a zero-day vulnerability to target Windows
computers using legacy version of the Server Message Block (SMB) protocol. WannaCry first began
spreading across computer networks on May 12, 2017.
WannaCry ransomware is particularly dangerous because it is propagated through a worm, meaning it
can spread automatically without victim participation as with ransomware that is spread through
phishing or other social engineering methods.
WannaCry ransomware infects Windows computers, encrypting files on the hard drives of PCs so users
couldn’t access them and then demanded a ransom payment of between $300 to $600 in bitcoin within
three days to decrypt the files; however, even after paying, only a handful of victims were given
decryption keys. Microsoft released a patch to mitigate the vulnerability, taking the highly unusual step
of releasing patches for end-of-life versions of Windows including Windows XP and Windows Vista.
The WannaCry ransomware affected hundreds of thousands of computers in as many as 150 countries,
including many systems in the National Health Services of England and Scotland. In those countries,
WannaCry locked doctors out of patient records and forced emergency rooms to turn away ambulances.
InovaSys provide integrated solution to protect our valued customer’s environment from
outside and inside threats which contains ransomwares, to protect and recover data from
Ransomwares you have to focus on the below technologies:
– EPP (Endpoint Protection)
– EDR (Endpoint Detection and Response)
– Patch Management
– ATP (Advanced Threat Prevention)
– Mail gateway
– Backup Solution