Symantec Blocks 22 Million Attempted WannaCry Ransomware Attacks Globally

Real-time sharing of threat intelligence between endpoint and network systems, as well as machine learning technologies, helped ensure endpoint customers were fully protected

MOUNTAIN VIEW, Calif. – May 15, 2017 – Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today reported it has blocked nearly 22 million WannaCry infection attempts across 300,000 endpoints, providing full protection for Symantec customers through its advanced exploit protection technology. The WannaCry ransomware attacks targeted and affected users in various countries across the globe by encrypting data files on infected computers and demanding users pay a $300USD ransom in bitcoin to decrypt their files. The protection of Symantec customers was enabled in part due to the integration of real-time threat intelligence shared across both Symantec Endpoint Protection and the Blue Coat ProxySG, which provided real-time threat awareness across the endpoint, network and cloud.

Symantec has posted a webinar with details on the WannaCry ransomware threat and how customers can protect themselves. To view the webinar, please visit Symantec’s website here.

“The WannaCry ransomware attack is the largest we’ve ever seen of its kind and we’re pleased to share that Symantec customers benefitted from multiple layers of protection even before it happened, through innovations and new capabilities in our Integrated Cyber Defense Platform,” said Mike Fey, president and chief operating officer at Symantec. “Our proactive network protection and advanced machine learning technologies provided real-time, zero-day, protection for all SEP and Norton customers when WannaCry was released last week. And, our Global Intelligence Network automatically shares WannaCry intelligence between Symantec endpoint, email and Blue Coat network products, providing full protection across all control points, including the cloud.”

Symantec Endpoint Protection and Norton customers are fully protected from WannacCry by multiple layers of advanced protection. This includes Symantec’s new advanced machine learning, proactive network exploit protection, SONAR behavioral protection, and the Intelligent Threat Cloud.

Customers of Symantec’s email service are also fully protected from WannaCry. The Skeptic and Link Following technologies available in Symantec Email Security.cloud provide additional proactive protection. 

Through real-time sharing of Symantec and Blue Coat intelligence, all WannaCry samples blocked by Symantec Endpoint Protection are also automatically blocked for Blue Coat proxy customers.  

Internet Security Threat Report: Ransomware Trends

Symantec’s Internet Security Threat Report (ISTR), Volume 22, provides a comprehensive view of the threat landscape, including insights into global threat activity, cyber criminal trends and motivations for attackers. Ransomware continued to escalate as a global problem and a lucrative business for cyber criminals. In 2016, the average ransom per victim grew to $1,077, up from $294 in 2015 (a 266 percent increase).

Recommendations

Symantec recommends that all customers install the Windows security update MS17-010. Symantec Endpoint Management can be leveraged to efficiently distribute this and other patches and software updates across the enterprise. Symantec also strongly recommends that that Symantec Endpoint Protection customers verify that all SEP’s proactive technologies are turned on. Symantec’s advanced exploit prevention technology, included as part of the Intrusion Prevention System (IPS) capability, completely blocks all WannaCry infection attempts. 

Visit Symantec’s Security Response blog and microsite for more information about its analysis of WannaCry, as well as a complete look at Symantec protections against the threat. 

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter, and LinkedIn.

NOTE TO U.S. EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec, the Symantec logo and the Checkmark logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Contact

Mara Mort
Symantec
650.527.7455
Mara_Mort@symantec.com

Jenn Foss
Edelman for Symantec
503.471.6804
Jenn_Foss@edelman.com