WannaCry seems to be back already as LG reports discovering it on a self-service kiosk in South Korea earlier this month. The consumer electronics giant had to shut down its systems and took parts of its network offline for over two days.
LG Electronics found itself infected by WannaCry three months after the initial global outbreak.
When WannaCry ransomware attack hit the businesses earlier this year, it caused chaos all around the globe as it severely infected hospitals, caused manufacturing shutdowns, headaches for Microsoft, and overtime for cyber security professionals. It managed to infect over 300,000 Windows systems resulting in a number of major organisations — including the UK’s National Health Service (NHS) and car manufacturer Honda — being forced to take systems offline. The file-encrypting malware that used a leaked NSA exploit, pushed many to suspend their work since attackers had taken control of their devices and data. It could have even affected more businesses if it hadn’t been “accidentally” stopped by Marcus Hutchins (who has been accused of selling Kronos banking malware by the US).
While the hackers behind the malware have been on a notorious spree, there was news that the malware had been contained. Reportedly, the flaw was fixed by Microsoft shortly after the outburst in May and they had also released an emergency patch for Windows XP and other Windows versions that were out of support.
But the WannaCry woke up again to attack the South Korean electronics manufacturer. The attack was made on the network operated by the company in the domestic market.
“Enable Windows Update, update and then reboot,” Hutchins had asked everyone. But at the time, Hutchins had also warned, that “the attackers will realise how we stopped it, they’ll change the code and then they’ll start again.” Apparently, attackers don’t even need to change the code since there are plenty of machines that still haven’t been updated.
Currently, there is no information on how WannaCry reached LG’s computers but the investigation is in the process. While the investigation goes on, it is yet to be determined as to how many computers in LG’s network were compromised.