Last Friday the Wanna Cry 2.0 ransomware attack made headlines worldwide. As I covered in my previous blog, Tachyon customers were able to immediately identify if they had been infected or not, using “out of the box” functionality of Tachyon.
For example, the first thing our IT department did was a search for any devices with a .wcry extension (this indicates that a file has been encrypted by WannaCry 2.0). Even though our devices are spread across India, the UK, Ireland and the USA, our IT department knew in less than a minute that 1E was not infected as an organization.
Since that “first response” on Friday, lots more information has come to light. There are patches (which were available several weeks before the ransomware made the rounds) and approaches like switching off SMB 1.0 (also recommended months before the attack) which can be used to ensure your organization doesn’t become infected by WannaCry 2.0.
1E has codified a number of approaches to risk assess your environment, identify infected machines and protect your environment from Wanna DeCrypt 2.0 and we’ve released that as a Product Pack to our brand new 1E Community – Tachyon Exchange.
Check out the Wanna Cry 2.0 Product Pack video above and the rest of the Product Packs available here.