The WannaCry ransomware family took only 24 hours to infect 200,000 computers in over 100 countries last month, affecting companies such as Renault, Nissan, Telefonica Spain, FedEx and more than 40 hospitals in the UK. Researchers around the world were surprised how fast the malware spread without user interaction as a result of outdated Windows versions and inefficient security solutions.
The ransomware wave is back, as Honda Motor Co announced on Wednesday it shut down a factory northwest of Tokyo for 24 hours, after its infrastructure was infected with WannaCry on Sunday, Reuters writes. The ransomware infected other company networks in Japan, North America, Europe, China and other areas, but did not affect production, according to a company spokesperson.
In Victoria, Australia, meanwhile, 55 speed and red-light cameras were infected by a USB with ransomware as a result of “human error,” according to Radio 3AW.
“The Department is in the process of removing the virus from the affected cameras. The remaining sites will be rectified in the next couple of days,” said a spokesperson from the Justice and Regulation. “The software virus has not impacted the accuracy of the camera system. All infringements during this period have been captured correctly, and no infringements have been affected by the virus.”
WannaCry is here to stay and take advantage of vulnerable devices to spread ransomware across infrastructures. Without the user’s knowledge and involvement, it uses the EternalBlue exploit, encrypts the data and then corrupts another device in the network. Without proper security and employee training, businesses are exposing themselves to a high risk. It only takes one infected device for the infection to get out of control and even spread across countries. Also, hackers can exploit exposed servers such as web pages and file shares to infiltrate business networks.
“The probability to find an unpatched server is higher as admins cannot afford downtime of critical services in order to patch those servers. The final piece that contributed to this massive outbreak is the incredibly wide range of Windows operating systems that shared this vulnerability – everything from Windows 2008 upward,” reads a Bitdefender report.
Businesses deploying Hypervisor Introspection, a new security layer offered by Bitdefender, were protected from WannaCry ransomware infections.
- Keep your computer up-to-date.
- Deploy the MS17-010 hotfix and update your local anti-malware solution immediately.
- Backup your data
- Manually disable the SMB protocol, if you’re not using it
- Run endpoint protection on your desktop, laptop and smartphone
- Keep you and your colleagues clued up about computer security threats