On Sunday, Honda discovered that the virus had affected its networks across Japan, North America, Europe, China and other regions, and has since shut down production at one of its plants in Japan. (Source: Honda halts Japan car plant after WannaCry virus hits computer network)
Commenting on this recent outbreak, Gavin Millard, Technical Director, Tenable said “That the exploitation of MS17-010 through WannaCry and other derivatives is still causing a problem is hardly surprising. Conflicker and MS08-67, the main vulnerability it exploited, is still popping up on occasion nine years after it began infecting millions of systems around the world. To reduce the probability of being infected by ransomware, and more concerning a targeted attack leveraging the same vulnerabilities, continuous visibility into the vulnerability status of every asset in the modern computing environment is critical in reducing the available attack surface. Of course, just patching these bugs isn’t always simple, as it could cause disruption to the organisation. If that is the case, then compensating controls must be put in place and proper, risk-based decisions must be made.”
Put simply if you can’t patch it, protect it, and if you can’t do either then prepare to pay. — Gavin Millard, Technical Director, Tenable.