Homepage FirstWave Cloud Technology newsroom
Register as BUSINESS Register as PR AGENCY Register as JOURNALIST

FirstWave Security Update – “Wannacry” ransomware

Announcement posted by FirstWave Cloud Technology 15 May 2017

On May 12, “Wannacry” ransomware attacked public and private organisations worldwide. FirstWave’s content security platform enforced protection automatically. There were no breaches seen through our platform . Our cyber security team will keep monitoring

Over the weekend, FirstWave has been closely monitoring a major ransomware attack with serious global impact popularly named as ‘Wannacry’ or ‘Wanacry’. The ‘Wannacry’ attack began with the spread of the WanaCrytpOr ransomware to public and private organisations worldwide. These attacks were focused on overseas countries but they have now started to affect some organisations in Australia.


A number of different threat vectors have been used in this attack, including network intrusion, email attachments and malicious URL links.  WanaCrypt0r ransomware attacks begin through two mechanisms, either, an email-based phishing delivery mechanism that includes a malicious link or PDF document, or through a network-based exploit targeting internal MS Windows systems through a non-patched device. If the link or pdf document is opened, the attack results in the delivery of the WanaCrypt0r ransomware on the target system.


This attack has primarily affected organisations with large numbers of MS Windows operating systems, both server and workstations, where both endpoint security patching processes and gateway security were not adequate. FirstWave platforms provide protection independent of the underlying customer infrastructure.

 

FirstWave Cloud platforms use multiple layers of defence to protect against internet based vectors used by this attack. The platform incorporates world-leading multi-vector security solutions including from Cisco and Palo Alto Networks. It automatically analysed and enforced protections from this attack from the moment it began. No breaches were detected through our platform, which scans and blocks millions of emails every day and protects tens of thousands of client devices.


Our cyber security forensics team observed no cases of this attack getting beyond our first layer of defence.


Simon Ryan, FirstWave’s CTO commented, “FirstWave customers are with us for a reason, they are already security conscious and understand the seriousness of ensuring the best security posture.”

 

“This global event heralds the need for sweeping changes in IT administration. It is no longer acceptable to have unmaintained IT assets and companies worldwide need to face the commercial realities of the move to cloud for security.”

 

“Some of the biggest impacts we have seen have been in the medical sector, where typically funding for maintenance is low and legacy software dependencies are high, we can expect to see big changes here also and the uptake of IOT firewalling as standard practice.”


For more help to prevent future attacks:

For support – support@firstwave.com.au  02 9409 7000

For sales enquiries – sales@firstwave.com.au  02 9409 7000