Last week, ransomware WannaCry made headlines as it spread rapidly across 150 countries and attacked over 300,000 computers in a very short time.
Security researcher Marcus Hutchins put a stop to the ransomware spreading by registering a domain that he found in the malicious code. He explained the process saying that “a sinkhole is a server designed to capture malicious traffic and prevent control of infected computers by the criminals who infected them.”
Registering the domain effectively acted as a killswitch since the malware was setup to ping the domain before continuing to spread.
Today that domain was the target of DDoS attack aimed at knocking it offline which could have potentially let the ransomware spread again.
Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF
— MalwareTech (@MalwareTechBlog) May 18, 2017
Since the ransomware hasn’t been able to keep up with the amount of decryption requests, Hutchins speculated that low level hackers, or scriptkiddies, were doing it for laughs. Hutchins did not seem worried about the DDoS attack succeeding, but it serves as reminder to have plan in place in case your business or organization is hit by a ransomware attack.
ITonDemand & WannaCry
WannaCry exploited a vulnerability that was identified in March by Mircrosoft. Due to our strict adherence to keeping our software and hardware up to date, we are able to provide protection from ransomware via patching, backup, antivirus, and disaster recovery.
If you have not, make sure to update your computer this week and be wary of email attachments. Learn more about ransomware or contact us to carefully plan and execute a comprehensive security plan to mitigate the risks ransomware presents.