Within 12 hours, 81,000 infections were reported globally of the Wannacryptor Ransomware or Wanaacry Ransomware outbreak.
NHS reported 16 hospitals in the UK have been hit and can’t operate or admit patients because all data is encrypted and locked. Spanish telecom giant, Telefonica, was hit and responded by “desperately telling employees to shut down computers and VPN connections in order to limit the ransomware’s reach.” Banks, utilities, telecoms, healthcare and other industries are reporting similar experiences worldwide. At this time, this ransomware variant appears to be taking advantage of a known and patched Windows vulnerability.
A huge cyber attack leveraging hacking tools widely believed to have been developed by the US National Security Agency brought disruption to Britain’s health system on Friday and infected dozens of other countries around the world, security researchers said.
Hospitals and doctors’ surgeries in parts of England were forced to turn away patients and cancel appointments after they were infected with the “ransomware”, which scrambled data on computers and demanded payments of $300 to $600 to restore access. People in affected areas were being advised to seek medical care only in emergencies.
“We are experiencing a major IT disruption and there are delays at all of our hospitals,” said the Barts Health group, which manages major London hospitals. Routine appointments had been cancelled and ambulances were being diverted to neighbouring hospitals.
Malware analyst with cyber security firm Tier3 have noted that It is the first piece of self-spreading ransomware, . “Once it gets in and starts moving across the infrastructure, there is no way to stop it.”
The WannaCry malware exploits a vulnerability widely believed by security researchers to have been developed by the National Security Agency that was released on the Internet last month by a group known as the Shadow Brokers.
WannaCry Ransomware Decryption Keys – Wannacry Decrypt
If your PC has been infected by WannaCry – the ransomware that wreaked havoc across the world last Friday – you might be lucky to get your locked files back without paying the ransom of $300 to the cyber criminals.
Security researchers, have discovered a way to retrieve the secret encryption keys used by the WannaCry ransomware for free, which works on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 operating systems.
The WannaCry’s encryption uses a pair of keys on the victim’s computer that rely on prime numbers, a “public” key and a “private” key for encrypting and decrypting the system’s files respectively. This method works effectively as long as associated memory has not been allocated and erased by some other process.
Tier3 is protecting your organization against this specific ransomware variant. Our anti-ransomware technology uses a dedicated real-time detection and blocking engine that continuously monitors for ransomware behaviors, like those seen in WanaCrypt0r.
If you need any help please contact us.