‘WannaCry’ ransomware evolves despite attempts to kill it

The WannaCry ransomware that wrecked havoc across the world is still a security issue with organizations that run operating systems that haven’t been updated to protect against today’s security threats. It’s important to stay continuously up-to-date and monitored to protect your business and Pro-Active IT can help you do that. We proactively monitor, manage and support all of your Cyber Security needs within a price point that fits your budget, so you’ll never have to worry about your IT environment again.

“There were predictions that the fast-spreading “WannaCry ” (aka “WannaCrypt”) ransomware would quickly evolve to get around its domain-based kill switch, and, well… the predictions were right. Security researchers have discovered variants of the Windows malware that either have different kill switches (easy to stop by purchasing the web domain) or don’t have a kill switch at all. MalwareTech’s initial findings might have stopped the original WannaCry in its tracks, but that was really just a speed bump for malicious coders.

In the meantime, the NSA-derived attack has affected companies and infrastructure well beyond the UK’s National Health Service. French car manufacturer Renault has confirmed to Reuters that it stopped production at multiple sites on May 13th to limit the reach of WannaCry. It plans to resume business as usual on Monday, but that’s a significant setback for a company that counts on continuous manufacturing. FedEx, Telefonica, Germany’s railway system and other big names have also been hit, although not always so dramatically. Europol’s Rob Wainright reports that the ransomware has hit about 200,000 computers in over 150 countries, and believes that the problem is getting worse, not better. It could be particularly bad on Monday, when many businesses switch on their computers and might expose unpatched systems to attack.

There will be solutions to this particular attack: more organizations will patch their PCs, and updated antivirus software will catch the malware. The big question is whether or not this will prompt a broader change in security policy. Many of the victims fell prey simply because their systems were running Windows XP or Server 2003, both of which have lost official support outside of special contracts. While it would be unrealistic to expect everyone to always run the latest operating system (software compatibility and cost are major concerns), you may well see repeat incidents unless these large-scale customers get in the habit of staying reasonably up to date.”

Read original article here.

Author: John Fingas