Protect yourself from WCry Ransomware

Posted 15th May 2017 News

On May 12, FortiGuard Labs began tracking a new ransomware variant that spread rapidly throughout the day. It is a highly virulent strain of a self-replicating ransomware that has impacted such far-flung organisations as the Russian Interior Ministry, Chinese universities, Hungarian and Spanish telcos, and hospitals and clinics run by the British National Health Services. It is especially notable for its multi-language ransom demands that support more than two-dozen languages.

This ransomware is being referred to by a number of names, including WCry, WannaCry, WanaCrypt0r, WannaCrypt, or Wana Decrypt0r. It is spread through an alleged NSA exploit called ETERNALBLUE that was leaked online last month by the hacker group known as The Shadow Brokers. ETERNALBLUE exploits a vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) protocol.

Fortinet have released an informative blog detailing systems affected, what steps to take next and what preventative measures users and organisations can take.

If you think you or your organisation are victims of ransomware, Mach One can assist you in checking your systems and getting you back up and running. We can also help you become more secure to prevent future attacks, including implementing and documenting an incident management plan.

Please Contact Us for more information.


Whatever your support requirement, we will work with you to tailor a package that specifically suits your needs. Get in touch with us today to arrange a consultation.

Contact Us