Skip to main content

WannaCry & The Reality Of Patching: Trend Micro on the latest WannaCry Ransomware attack

Trend Micro claims to have detected and monitored WannaCry since its emergence in the wild in April, 2017, and has been protecting users and enterprises with the ransomware protection features of machine learning-infused Trend Micro XGen security. The initial variant (RANSOM_WCRY.C) was typically distributed via phishing attacks that then had users downloading the malware from Dropbox. The WannaCry ransomware variant of 12-May-2017 has been engineered to take advantage of the most common security challenges facing large organizations today. Starting with a basic phish, this variant uses a recent vulnerability (CVE-2017-0144/MS17-010) allowing the ransomware to spread like a worm throughout unprotected networks.

WannaCry ransomware targets and encrypts 176 file types. Some of the file types WannaCry targets are database, multimedia and archive files, as well as Office documents. In its ransom note, which supports 27 languages, it initially demands US$300 worth of Bitcoins from its victims—an amount that increases incrementally after a certain time limit. The victim is also given a seven-day limit before the affected files are deleted—a commonly used fear-mongering tactic. WannaCry leverages CVE-2017-0144, a vulnerability in Server Message Block, to infect systems. The security flaw is attacked using an exploit leaked by the Shadow Brokers group—the “EternalBlue” exploit, in particular. Microsoft’s Security Response Center (MSRC) Team addressed the vulnerability via MS17-010 released March, 2017.

ShardaTickoo, Technical Head at Trend Micro, India, said," Primarily the regions that have been attacked by the ransomware ‘WannaCry’ include UK, Europe and the APAC region, which include India as well. The data is still being gathered. It’s more of panic situation been built-up. No specific sectors have been targeted and neither is there an intent to target any specific sector, it’s across Government, IT/ITES, healthcare etc. We have seen customers calling us just to see if the controls are in place. There have been some cases reported, but the number is not significant. Our support lines are jammed, and the team has been working overtime through the weekend. There have been customers who have acknowledged being hit by significant ransomware attacks, and our products at the

Popular posts from this blog

Radisson Blu Hotel, Dubai Improves Guest Wi-Fi Coverage and Performance with Aruba Wireless Solutions

Radisson Blu Hotel, in Al Sufouh at Dubai Media City has recently deployed wireless infrastructure from Aruba, a Hewlett Packard Enterprise Company, to deliver secure, seamless, high-speed, wireless internet connectivity across its hotel rooms, suites and public areas. The implementation has resulted in improvement in rating of Wi-Fi services and drastic reduction in volume of IT help desk calls, besides the fact that the design of the Access Points (APs) blends seamlessly with the hotel aesthetics and AP management, monitoring and troubleshooting has become centralized and simplified.

Amazon.in launches “Smart Living Store”

How would it be if you could stream online videos or browse websites on your TV? How about a device that could measure your level of activity throughout the day? How would it be if a device helps keep your home secure? With the Smart Living Store you can find out! Amazon.in announces the launch of “Smart Living Store” - a dedicated store aimed at providing customers the one stop shop for all smart devices across various product categories.

Pi DATACENTERS Achieves Uptime Institute Tier IV Design Certification

Pi DATACENTERS, India, an enterprise class datacenter and Cloud service provider based at Amaravati, the new capital region of Andhra Pradesh, today announced that the company has been awarded Uptime Institute Tier IV Design Certification, achieving the highest standards for infrastructure, functionality and capacity as demonstrated on the design documents. To earn a Tier Certification of Design Documents, a facility is evaluated on mechanical, electrical, structural and site elements, and certified facilities also receive expert recommendations to enhance Operational Stability over the long-term.
“We are pleased to award Pi DATACENTERS with the Uptime Institute Tier IV Design Certification,” said John Duffin, Managing Director, South Asia, Uptime Institute. “Achieving a Tier IV Fault Tolerant Design Certification illustrates that the facility meets the highest standards for infrastructure functionality and capacity as demonstrated on the design documents. This ensures that plans are…