Kryptos Logic is the digital security firm responsible to handle the main sinkhole and killswitch of WannaCry ransomware. According to the company’s own findings, WannaCry attacks are still infecting computers even after 11 months since its first infliction. In last couple of weeks, some WannaCry attacks have made national headlines again. For instance, Boeing’s network compromise in South Carolina, attacks on Victoria’s police department and Connecticut’s administrative departments are some recent examples of WannaCry obliterations.
According to the security experts at Kryptos Logic, dormant infections in operating systems are keeping this lethal ransomware alive, and as a result, organizations are still bearing the brunt of its encryption activity.
They state another reason for the successful propagation of WannaCry. MS17-010 is a security patch released by Microsoft in March last year to streamline the security of SMB servers. This patch improves the security of the network by making it less vulnerable to the principal exploit kit used by WannaCry called EternalBlue. Absence of this security patch sometimes blocks the network access to the killswitch domain of WannaCry, which transforms the nature of WannaCry from a self-propagating worm to a potent ransomware that immediately starts its encryption module.
It shows that organizations reckless with system and security upgrades are still prone to WannaCry attacks and will remain in constant need of professional services to restore ransomware files.
The company has also launched a free application for organizations to ensure nonstop access to the WannaCry sinkhole. Developers of this tool claim that it will notify the administrators regarding every infected device on the network.
We have seen it in the cases of Boeing and Honda where some infected devices became the reason for internal ransomware epidemic. In such cases, you might not get contacted by the attackers for ransom money. Nevertheless, you will have to take measures to restore ransomware files. If data is critical in nature, downtime damages would be there as well.
All these problems also explain how WannaCry became a worldwide cyber phenomenon last year, stretching its arm of destruction to more than 150 countries and affecting millions of users.
For assistance on file recovery, please contact MonsterCloud Cyber Security experts for a professional ransomware removal.
