The WanaCrypt0r ransomware hit with a vengeance on Friday, with the outbreak beginning in Europe, striking hospitals and other organisations, then quickly spreading across the globe. As of 1:00pm Pacific Time, it is believed more than 57,000 systems in more than 74 countries had been affected.
Researchers at SentinelOne have determined that the Endpoint Protection Platform does successfully detect and block this ransomware strain. Customers are advised to make sure that they are running the latest version.
Additional reports indicate that this ransomware strain was distributed using the EternalBlue exploit that was released by the ShadowBrokers in April. This vulnerability was patched by Microsoft (MS17-010) before ShadowBrokers released the exploit. This shows that in the real world keeping up-to-date with patches and critical updates can be difficult but is a crucial step for all organisations.
Watch SentinelOne’s advanced machine learning engines at work against WannaCry: