What can we learn from the WannaCry attack?


You are probably aware that a global cyber attack has been underway since Friday, affecting more than 200,000 organizations in 150 countries.

WannaCry is a ransomware attack that exploits the MS17-010 vulnerability. Both LogPoint and LogPoint Free users can quickly identify vulnerable systems and suspicious potential lateral movements machines that are infected. In other words, companies that have installed LogPoint can conveniently detect ransomware vulnerabilities and exploits.

Find more Information on Ransomware on our Website, for more details on how to react to the attack with LogPoint, read the blogpost "Responding to WannaCry Malware".

We specifically developed an application for WannaCry which you can download on the Help Center. LogPoint contains a dashboard and several alert signatures to detect the spread of the malware in the organization. The triggers include Abnormal amounts of SMB connectivity, creation of encrypted WannaCry files, correlations to threat intelligence data and connections to the sinkholed domains identified during the weekend.

Download our WannaCry application here! In case you need any assistance, please feel free to contact us.