What is WannaCry Ransomware?
WannaCry Ransomware is a type of malware/computer worm that targets the windows operating system. It is also known as WannaCrypt0r, WannaCrypt, WCRY and WRypt. WannaCry has two malicious components combined which is ransomware variant and worm. It works together during the attack stage. In 2017, it attacked a huge number of computers from more than 150 countries and companies including FedEx, Telefonica were targeted. In Singapore, Tiong Bahru Plaza and White Sands are believed to be targeted by the WannaCry ransomware attack. The 2017 incident is one of the most high profile ransomware attacks that ever took place. Across the globe, the estimated cost of the cybercrime caused by the WannaCry ransomware is calculated as $4 billion USD. It mainly targets the older version of windows operating system. The employees working in the office are the main targets which is around 43% of the victims.
X-PHY protection against Wanna Cry
Flexxon tested the WannaCry ransomware on a X-PHY® SSD and a normal SSD to see the responses. In less than 5 seconds, X-PHY® stopped the attack dead in its tracks, locked all data keeping it untouched, and immediately notified the user via email.
Here are the screenshots of the results,
Testing without X-PHY,
Testing with X-PHY
Once you unlock it, the data inside the test folder is secured and protected because of the X-PHY protection. The files inside the folder aren’t encrypted and it can be accessed as per normal.
X-PHY® Response Flow
- X-FILE FORENSIC AGENT features ACTIVE DETECTIVE and DEEP INVESTIGATION introduce extra file protection features by preventing any illegal data modifications. They also record all activities and their application, making it easy for X-PHY® to identify suspicious actors.
- X-GUARD THREAT LOCK features SECURITY SCOUT and GUARDIAN PRO-X work together to stop any attempt by the ransomware to breach or clone your sensitive data.
- After noticing suspicious activity to breach and/or to encrypt user data, it will trigger X-FACTOR ENCRYPTION LOCK. KEYCODE 2-FACTOR feature within X-FACTOR ENCRYPTION LOCK locks down all the data in X-PHY® making it inaccessible to the ransomware.
- X-PHY® SSD sends notification to the user in their computer showing that ransomware has been detected. An email notification is also sent to the user simultaneously through the user’s registered email. The user will require OTP to unlock the SSD.
- X-PHY® records the attack activity in the event log, and will automatically stop any action with the same behavior in the future.