WannaCry — The Ransomware That Won’t Die
Just yesterday, news broke that WannaCry infected a Honda plant in Japan. Today, traffic lights in Australia are on the fritz. How is it that WannaCry is still successful? Every single antivirus (AV) program should have it on their blacklist, or list of known threats, by now. So, what’s the deal? Even if these companies have not updated their operating systems, if they have a legitimate security program, they should not be infected with this ransomware. There are only three explanations,
- The organizations are not updating their security software
- They are not running an antivirus solution
- This is a new version of WannaCry that has not been blacklisted yet
First, if an organization has a security solution, which they all should, they need to ensure it is updated. If the AV is not updated, it will not be able to block the latest security threats, such as WannaCry. Second, it is encouraged businesses of all shapes and sizes upgrade their AV programs to a solution that includes application whitelisting technology. Security programs that use whitelisting as their primary method of malware detection, are far more effective in preventing malware infections, including ransomware. The increased prevention is due to the concept of “default deny” within the whitelist. The whitelist will only allow for known, trusted programs to execute. If the program or file has not been tested and deemed safe, it is blocked until appropriate testing can be completed.
Think You’re Immune?
Ransomware has hit hospitals, government agencies, public municipalities, churches, educational institutions, as well as home users. No one is immune from being a target. However, everyone can prevent being a victim.
To see a full list of ransomware attacks that have taken place in 2017, you can click here. We have also created a ransomware map, see below, of the ransomware attacks that have taken place in the U.S.
