Europol Director Rob Wainwright told ITV’s Peston on Sunday program that we are facing an unprecedented attack.
“The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations,” he said.
“At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.”
— Matthieu Suiche (@msuiche) May 14, 2017
The are a few things that must be clear about the threat:
The WannaCry ransomware spread itself within corporate networks, without user interaction, by exploiting the EternalBlue vulnerability in Microsoft Windows.
The ransomware drops mssecsvc.exe binary in the C:\windows folder.
Against ransomware-based attacks keep your backup up to date.
System administrators urge to apply security updates to the network devices used to protect their infrastructure and identify the threats (e.g. IPS/IDS).
Block any suspicious incoming traffic using SMB and RDP protocols.
(Security Affairs – WannaCry ransomware, cybercrime)