Wanna Decryptor (WannaCry) Ransomware Explained & Recommended Actions

Wanna Decryptor, also known as WannaCry, Wannacrypt, WNCRY, and Wanna Decryptor 2.0 is a ransomware attack affecting countries and organizations globally. 

We've compiled the following resources to help you take immediate action to prepare for and defend against the “ransomworm.” This page will continue to be updated as more information and resources become available.

For specific questions or further assistance, please contact us at +1–866–7RAPID7 (Toll Free) or +1–617–247–1717. Get international contact information here.  

Wanna Decryptor Resources

[WEBCAST: WEDNESDAY, MAY 17 2PM ET / 11AM PTWanna Decryptor (WNCRY) Ransomware Explained
Join Tas Giakouminakis, Rapid7's Co-Founder and CTO, and Bob Rudis, Rapid7's Chief Security Data Scientist as they take us through the recent Ransomware disclosure, "WannaCrypt"/"WannaCry" and open the floor for a live Q&A. 

[BLOG] Wanna Decryptor (WNCRY) Ransomware Explained
What is involved in the attack, what weakness(es) and systems does it exploit, and what can you do to prevent or recover from this attack? Get the details and learn how to mitigate the impact from future attacks.

[BLOG] Scanning and Remediating WannaCry in InsightVM and Nexpose
Read this post for a step-by-step guide on using InsightVM to scan your network for WannaCry vulnerabilities. 

[BLOG] Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)
It's not all about indicators of compromose (IOCs). Learn what threat intelligence approaches you can take to deal with WannaCry and prepare yourself for the future. 

Download this editable presentation to help communicate WannaCry to your company and stakeholders.  

Ransomware Resources

Preventing and Detecting Ransomware Attacks 
Ransomware is malicious software which covertly encrypts your files – preventing you from accessing them – then demands payment for their safe recovery. Like most tactics employed in cyberattacks, ransomware attacks can occur after clicking on a phishing link or visiting a compromised website.

[VIDEO] Whiteboard Wednesday: Server Ransomware
Watch this week’s Whiteboard Wednesday to learn more about how attackers are using open MongoDB, CouchDB, and Elasticsearch servers, and then check out Bob’s blog post for more on “The Ransomware Chronicles: A DevOps Survival Guide.

[ON-DEMAND WEBCAST] Ransomware: Don't Believe the Hype of Vendors
In this webcast, learn about snake oil sales techniques around ransomware, the best ways to protect your organization from this threat, disaster recovery processes to have in place, and more.

[BLOG] Ransomware FAQ: Avoiding the latest trend in malware

[BLOG] Prepare Yourself for Ransomware – No More Snake Oil, Please

[BLOG] I have ransomware and I didn’t back up! What do I do now??


Find out if you're vulnerable to WannaCry with InsightVM

Free 30-day Trial

Get it Now
Is WannaCry exploitable on your network?

Safely simulate exploitability with Metasploit

Free Download
On-Demand Webcast: WannaCry Explained

Scan for WannaCry with InsightVM

Try InsightVM

Try InsightVM

No credit card required. All fields are mandatory.

    Sorry your request cannot be completed at this time. Please reach out to sales at +1-866-7RAPID7 or at sales@rapid7.com.
    Switch to Virtual Appliance Download