As we are aware that the hackers have exploited malicious software stolen from the National Security Agency and executed damaging cyberattacks on last Friday. It does start as a large-scale ransomware attack hitting UK National Health Services (NHS), the story quickly unfolded to reveal that this vulnerability has hit at least 12 nations, including Spain, Germany, Russia, UK, and more. It could be one of the largest single outbreaks of ransomware thus far.
Commenting on this outbreak, Gavin Millard, EMEA Technical Director of Tenable Network Security said, “With the success of the initial infection of WannaCry, it wouldn’t be at all surprising to see the next iteration released soon. Although there has been a significant amount of interest in the media and inescapable coverage of the outbreak, many systems will still be lacking the MS17-010 patch required to mitigate the threat.”
“For users that are rightfully concerned about another WannaCry wave, updating their system to remove the vulnerability that it targets and blocking SMB traffic (Ports 139 and/or 445) to any system that can’t be updated is critically important. A quick check on Shodan, the search engine for devices connected to the internet, yielded 229,000 Windows systems with SMB exposed and remotely accessible. Not all of these will be vulnerable, but many could well be leverage to spread this aggressive ransomware further or be a point of entry into organizations.”