Nyotron Attack Response Center


Executive Summary

The WannaCry cyberattack is one of the largest on record, where organizations in more than 99 countries have been infected with a ransomware variant that spread via the EternalBlue exploit which was patched (MS17-010) in March of this year.

This attack was not sophisticated or elaborate as the media showcases. Analysis entails that the attackers were amateurs that used a publicly available exploit kit affiliated with the latest NSA hack by The Shadow Brokers. The attackers do not seem to target a specific entity. Instead, every target seems valid as it appears to be an attempt to make use of the leaked exploits in order to generate profit.

Nyotron’s PARANOID stops the damage that threats try to cause at the kernel level. In the case of ransomware, PARANOID would have stopped the encryption of files by recognizing that the action was not done legitimately.

Security analysts at Nyotron confirmed that no PARANOID customers have been impacted by this ransomware.

Report Recommendations

  • All Windows machines must apply the latest security updates provided by Microsoft.
  • Brief company employees regarding e-mail attachments.
  • Block access to port 445 from the WAN to your organization’s internal network.
  • Disable the SMBV1 Protocol.
  • Remove/Disconnect vulnerable and infected machines from the network.
  • All of these recommendations would be a moot point if the user has Nyotron’s PARANOID installed in PREVENTION MODE – as we stop the damage that any type of threat tries to inflict regardless of attack vector, method or technique.

Contact Us to Learn More at: info@nyotron.com

Nyotron’s PARANOID Threat-Agnostic Defense is the New Security Paradigm.
Request a Live DEMO NOW!