South Korean electronics manufacturer LG is the latest big name hit by ransomware, as part of the network operated by the company in the domestic market was shut down earlier this month due to WannaCry infection.
First spotted in May this year, WannaCry is a form of ransomware exploiting a Windows vulnerability that has already been patched by Microsoft shortly after the outburst. The software giant has even shipped emergency patches for Windows XP in an attempt to keep users protected, so the only thing system administrators need to do is deploy the latest updates to block the infection.
This never happened on LG’s systems, however, and a self-service kiosk operated by the company in South Korea has recently been compromised with WannaCry.
Still not known how WannaCry reached computers
While it’s not known how many computers in LG’s network were compromised, the company decided to shut down a number of systems to prevent the ransomware from spreading. LG blocked the access to the service center where the malware was first spotted, and this proved to be a smart move as no data has been encrypted. Furthermore, LG explained that no ransom had been paid.
“We analyzed the malicious code that caused delays at some service centers on Aug 14th with the help of KISA [Korea Internet & Security Agency] and confirmed that it was indeed ransomware. According to KISA, yes it was the ransomware known as WannaCry,” a company spokesperson was quoted as saying.
LG managed to restore all impacted machines in less than 2 days, but the company is yet to determine how exactly the ransomware took down the systems.
On the other hand, what’s known is that the computers that ended up infected with WannaCry weren’t running the latest updates from Microsoft, as up-to-date systems are not vulnerable to ransomware infections.
WannaCry has made hundreds of thousands of victims across the world, including some high-profile companies, such as car manufacturer Honda, which was forced to shut down one production plant completely due to its network being compromised by the ransomware.