At least three local organisations have been hit by WannaCrypt/WannaCry, according to the Australian government.
The minister assisting the prime minister for cyber security, Dan Tehan, said three local small or medium-sized businesses had been infected by the ransomware. “This is absolutely a wakeup call,” Tehan told the ABC.
The ransomware is also known as “WanaCrypt0r”, “WanaDecryptor” and “Wana”.
WannaCrypt exploits a Windows vulnerability patched in March by Microsoft. Microsoft over the weekend also released patches targeting out-of-support versions of Windows including Windows XP, Windows Server 2003 and Windows 8.
The exploit, codenamed EternalBlue, targets an SMB vulnerability. It was among those employed by tools, believed to have been used by the US National Security Agency, that were released in a Shadow Brokers dump last month.
Among the largest organisations to have been hit by WannaCrypt are the UK’s National Health Service and Spanish telco Telefónica.
The Australian Cyber Security Centre urged local organisations affected by the ransomware to contact it on 1300 CYBER1. The ACSC said the WannaCrypt campaign “is highly likely to impact Australian Government, industry, and individuals”.
The ACSC noted that organisations that have applied the Australian Signals Directorate’s ‘Essential Eight’ mitigation strategies will not be vulnerable to the ransomware outbreak.
“While Microsoft’s release of back-ported patches is a commendable proactive action, the ACSC considers organisations running Windows XP, Server 2003 and other unsupported operating systems to be exposed to extreme risk,” the organisation said in a statement.