The WannaCry Attacks - SonicWall Responds

18/05/17 10:55:00

The Diagnosis

The ransomware is a variant of the WannaCry or WannaCrypt program that encrypts a user’s data. Initial infections were caused by users clicking links in phishing emails however this ransomware is more interesting as it includes a worm that takes advantage of a well-known exploit in Windows to spread itself throughout a network: not only infecting the link clicker’s machine but also those unpatched PCs on the network they are connected to.

The Cure

This is why it has spread so quickly on this occasion into one of the largest ransomware outbreaks that we have seen so far. The damage could have been far greater if it wasn’t for a security researcher and blogger who, in the process of investigating the ransomware, happened upon a ‘kill switch’ which stopped this particular strain from propagating further. There have, however, already been variants detected without this kill switch hardcoded in them.

Although this strain of the ransomware is new, the code behind it is based on an original version of WannaCry seen earlier this year in February.

SonicWall appliances with correctly configured security subscriptions were effective in blocking this outbreak.

Prevention is always better than cure.

The WannaCry Attacks - SonicWall Responds

The Diagnosis

The Cure

SonicWall Cloud Secure Edge Webinar - Catch up now!

Promotions - July 2025

UPDATE 7th August 11am - SonicWall SSLVPN Vulnerability on Gen 7 Devices

Important SonicWall SMA Update: End of Support 31 Oct 2025

URGENT SONICWALL SECURITY ALERT - MySonicWall Backup File Incident