IMPORTANT SECURITY NOTICE
Ransomware is a $1 billion business that often evades traditional anti-malware. Learn what you’re up against and how to stop it. Our system of safeguards is proven to stop ransomware in its tracks, including all Wanna variants, by blocking the unauthorised encryption of files.
WannaCry ransomware: How it works and how to protect yourself
A significant number of organisations have been affected by a virulent new ransomware variant, Wanna, which is also known by a number of alias names including WanaCrypt0r.
We have a range of resources to help our partners stay protected from this attack. Please check them out and reach out if you think you need more protection for your team and your data.
Sophos Intercept X, Sophos Exploit Prevention (EXP), and Sophos Server Protection Advanced customers have protected proactively against Wanna ransomware from the first instance. Watch Intercept X in action against Wanna.
What is Wanna Ransomware?
A new ransomware attack called ‘Wanna’ (also known as WannaCry, WCry, WanaCrypt, WanaCrypt0r, or Wanna Decrypt0r) is encrypting files and changing the extensions to:
.wncry and .wncrypt.
How does Wanna Ransomwear work?
The proven CryptoGuard capabilities in Sophos Intercept X block ransomware as soon as it starts trying to encrypt your files, returning data to its original state. Intercept X:
Protects endpoints from ransomware attacks
Automatically rolls back file changes with no data loss
Stops both local and remote file encryption