WannaCry Forced Down LG’s Systems

Tuesday, August 22, 2017 @ 06:08 PM gHale


WannaCry continues its assault as electronics manufacturer LG is the latest organization hit by ransomware, as part of its network shut down earlier this month.

First spotted in May, WannaCry is a form of ransomware exploiting a Windows vulnerability patched by Microsoft shortly after the outburst.

RELATED STORIES
Users Learning, But Ransomware Still a Problem
WannaCry Wake: IT Now Better Prepared
Android Ransomware Copies WannaCry
WannaCry Shuts Honda Plant

Microsoft even shipped emergency patches for Windows XP in an attempt to keep users protected, so the only thing system administrators need to do is deploy the latest updates to block the infection.

Apparently, this never occurred on South Korea-based LG’s systems. A self-service kiosk operated by the company in South Korea ended up compromised with WannaCry and it took off from there.

While it’s not known how many computers in LG’s network ended up compromised, the company decided to shut down a number of systems to prevent the ransomware from spreading. LG blocked the access to the service center where the malware was first spotted, and this proved to be a smart move as no data has been encrypted. Furthermore, LG said no ransom had been paid.

“We analyzed the malicious code that caused delays at some service centers on Aug 14th with the help of KISA [Korea Internet & Security Agency] and confirmed that it was indeed ransomware. According to KISA, yes it was the ransomware known as WannaCry,” a company spokesperson said.

LG restored all machines in less than 2 days, but the company is yet to determine how exactly the ransomware took down the systems.

WannaCry has made hundreds of thousands of victims across the world, including some high-profile companies, such as car manufacturer Honda, which was forced to shut down one production plant completely due to its network being compromised by the ransomware.

Honda isn’t the only company whose computers got compromised by WannaCry, with Renault and Nissan also discovering the ransomware on its systems at production facilities in Japan, the UK, France, Romania, and India.

WannaCry hit in May taking advantage of a previously patched exploit the hacker group Shadow Brokers pilfered from the NSA. 

The ransomware affected mostly computers running Windows 7 or even the outdated Windows XP that hadn’t been patched. 

Eighty-six percent of U.S. organizations had to “divert significant resources” to safeguard themselves during the WannaCry attack, according to the research from software lifecycle automation solutions provider 1E. Just 14 percent of respondents said their organization was prepared for such an attack.

In the manufacturing industry, this would not be a surprise, but the study also shows 86 percent of organizations don’t apply patches immediately after they release, thus leaving endpoints and entire networks exposed to such attacks.



Leave a Reply

You must be logged in to post a comment.