^^^A small correction on that kill switch.
It wasn't actually a kill switch, but a randomly generated website used to let the malware know when it is in a sandbox. Any sort of sandbox used by a security research to analyze the malware allows all outbound traffic to be reported as available and successfully sent.
When the malware would detect it could actually reach the site it would shut down.
They recently released a new variant of the ransomware to not have that feature so the risks are still present.
It wasn't actually a kill switch, but a randomly generated website used to let the malware know when it is in a sandbox. Any sort of sandbox used by a security research to analyze the malware allows all outbound traffic to be reported as available and successfully sent.
When the malware would detect it could actually reach the site it would shut down.
They recently released a new variant of the ransomware to not have that feature so the risks are still present.