Symantec has blocked nearly 22 million WannaCry infection attempts across 300,000 endpoints, providing protection for Symantec customers.
The WannaCry ransomware attacks targeted and affected users in various countries across the globe by encrypting data files on infected computers and demanding users pay a $300 ransom in bitcoin to decrypt their files.
Symantec’s enterprise and retail customers got the protection from cyber attack due to the real time integration of threat intelligence shared across both Symantec Endpoint Protection and the Blue Coat ProxySG, which provided real-time threat awareness across the endpoint, network and cloud.
Symantec’s network protection and machine learning technologies provided zero-day, protection for all SEP and Norton customers when WannaCry was released last week.
“Our Global Intelligence Network automatically shares WannaCry intelligence between Symantec endpoint, email and Blue Coat network products, providing full protection across all control points, including the cloud,” said Mike Fey, president and chief operating officer at Symantec.
Symantec said its Endpoint Protection and Norton customers have received the protection from WannaCry by multiple layers of advanced protection. This includes Symantec’s new advanced machine learning, proactive network exploit protection, SONAR behavioral protection, and the Intelligent Threat Cloud.
Customers of Symantec’s email service are also fully protected from WannaCry. The Skeptic and Link Following technologies available in Symantec Email Security.cloud provide additional proactive protection.
Through real-time sharing of Symantec and Blue Coat intelligence, all WannaCry samples blocked by Symantec Endpoint Protection are also automatically blocked for Blue Coat proxy customers.
Symantec recommends
All customers should install the Windows security update MS17-010.
Customers can also use Symantec Endpoint Management to distribute this and other patches and software updates across the enterprise.
Symantec also strongly recommends that Symantec Endpoint Protection customers verify that all SEP’s proactive technologies are turned on. Symantec’s advanced exploit prevention technology, included as part of the Intrusion Prevention System (IPS) capability, blocks all WannaCry infection attempts.
