How WannaCry Spread

On April 15th, a group of threat actors, known as the “Shadow Brokers”, released a large collection of offensive security tools and data to the world. Threat actors used the deadly combo to infect thousands of computers with WannaCry ransomware in close to 100 countries, including the UK’s National Health Service (NHS), Spain’s Telefonica and FedEx. 
Image of How WannaCry Spread

How Armor Responded

We know ransomware can be a devastating event for any company. At Armor, we protect companies like yours every day leveraging our Managed PDRR platform. Armor Protects, Detects, Responds, and enables you to Recover.

Armor had previously identified the root vulnerability that enabled WannaCry to spread. Through active managed Protection, we worked to ensure proper patching and configuration changes were enacted. As a result, none of our customers have been affected by the WannaCry ransomware to date. Should a customer have been compromised, Armor’s included 14-day environment snapshot would have allowed our customers to Recover through a rollback.
Image of Armor's response to WannaCry

We’ve created this resource page which we will constantly update with useful information on the spread and containment of WannaCry. Below and to the right, you’ll find a variety of insight, including a white paper, covering the details of the WannaCry ransomware and how to protect yourself against similar threat actors.

WannaCrypt Attacks

Guidance for Azure Customers

Whether or not you were impacted by the recent WannaCrypt malware, Microsoft recommends all Azure customers take 8 steps, found in this blog, to further protect your organization from attacks like these.

MalwareTech Botnet Tracker

WannaCry Infection Map

View maps which display the geographical distribution of malware infection.

Armor Threat Intelligence Briefing Signup

Keep up-to-date on the latest threats.

Have you been affected by the WannaCry ransomware?

Our security specialists are standing by to help you overcome WannaCry.

Chat with a security specialist live:

8 a.m. – 6 p.m. CDT
9 a.m. – 6 p.m. BST

Or, call a security specialist:

8 a.m. – 6 p.m. CDT
+1 877 262 3473