WannaCry Ransomware and How to Defend Against It

Written By

Lital Asher-Dotan

 A malicious software called WanaCrypt0r 2.0 (aka WannaCry or WCry) has been affecting computers across the globe. Initial estimation states it hit 36,000 organizations, among them the UK National Health Service (NHS) and hospitals across the UK and Scotland, organizations in Spain, Russia, the Ukraine and Taiwan.

Security researchers believe this widespread global ransomware attack is the result of a vulnerability called "EternalBlue" that came out of the NSA exploit dump by Shadow Brokers.

Here are a few simple steps to take to protect yourself against the WannaCry ransomware:

1 - Patch ALL Windows machines in your environment immediately. The EternalBlue vulnerability was patched by Microsoft back in March as part of MS17-010.

2 - Maintain up-to-date backups of files and regularly verify that the backups can be restored.

3- Ransomware attacks target shared network drives and cloud backups. This scenario makes it hard to retrieve the information in case of a ransomware attack. Therefore, do not rely on backup only - you must consider a protection mechanism.

4 - Ransomware is often delivered through the exact same channels as other types of malware: spear-phishing and malicious drive-by. Educate users to refrain from clicking on suspicious links, downloading email attachment and downloading software from dodgy resources.

Ransomware evolves, and new variants attack organizations and individuals every day. The Cybereason EDR platform includes a detection and response module to new to the world, never seen before types of ransomware. 
Lital Asher-Dotan
About the Author

Lital Asher-Dotan

Lital is a Marketing Team Leader, Storyteller, Technology Marketing Expert. She joined Cybereason as the first marketing hire and built a full marketing department. Specializing in brand building, product marketing, communication and content. Passionate about building ROI-driven marketing teams.

Related Posts

Cybereason vs. WhisperGate and HermeticWiper

Cybereason vs. WhisperGate and HermeticWiper

Ukrainian officials attributed the attack to Russia “preparing the ground” for a military invasion with nasty wipers dubbed WhisperGate and HermeticWiper. Cybereason Anti-Ransomware and Anti-MBR corruption technology detects and blocks WhisperGate and HermeticWiper...

Cybereason vs. HermeticWiper and IsaacWiper

Cybereason vs. HermeticWiper and IsaacWiper

Sophisticated multi-stage attacks are delivering highly damaging wipers dubbed HermeticWiper and IsaacWiper. The Anti-Malware capability in the Cybereason XDR Platform detects and blocks these destructive wipers...

Recent Posts

CVE-2025-32433: Unauthenticated RCE Vulnerability in Erlang/OTP’s SSH Implementation
From Shadow to Spotlight: The Evolution of LummaStealer and Its Hidden Secrets
A Class Above: Expert Support for Data Breach Class Action Defense

Categories

All Posts