WannaCry remains a serious IT security threat worldwide, researchers warn
'Hundreds of thousands' of systems worldwide are still vulnerable to the flaws that WannaCry exploited
The WannaCry malware remains a serious security threat, two years after it first emerged, with 'hundreds of thousands' of systems still vulnerable to the exploits that WannaCry used to propagate.
According to researchers from security firm Malwarebytes, a total of 4,826,682 WannaCry detections have been identified since its first attack in May 2017.
On 12 May 2017, WannaCry encrypted hundreds of thousands of systems in a matter of hours across more than 150 countries. It was the first time that ransomware had infected so many PCs so quickly, and in so many countries.
Although, WannaCry was neutralised by Marcus Hutchins after discovering a 'kill switch' inadvertently left in the code, variants of WannaCry still exist and continue to infect systems, according to Malwarebytes.
In its global list of countries where WannaCry variants have been detected over the past two years, India is at the top with 727,883 WannaCry infections, followed by Indonesia (561,381), the US (430,643), Russia (356,146) and Malaysia (335,814).
In Europe, France is the most affected, with 138,182 detections reported since the second quarter of 2017.
While WannaCry's initial spread in May 2017 did not affect China much (just 613 detections), an increase in detection has been observed since June 2017 (113,785 cases in total).
Since 1st April this year, 430,943 cases of WannaCry infections have been recorded globally. Of them, 19,777 cases were reported in India, followed by 19,192 in Indonesia and 3,325 in the US.
In France, 1,025 such cases have been identified since 1st April. The UK ranks 25th in this list with just 41 detections.
AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.
According to Malwarebytes, Russia and countries across Asia are more more vulnerable to WannaCry because attitudes towards updating and patching software are more casual
The researchers warn that malware developers have started using new mechanisms to propagate a new generation of highly invasive Trojans, for example, TrickBot and Emotet, that can target businesses. These can be very costly to remove.
These malicious programmes are a big threat to organisations worldwide, and security teams must take all possible measures to protect their systems from such programmes, researchers advise.
"If people haven't decided to update their operating systems or patch where they can by now, then they probably won't ever change and continue to be a risk to themselves," said Jake Moore, a security specialist at anti-virus software company ESET.
He continued: "WannaCry did a hefty amount in teaching people about the risks attached to not keeping on top of your cyber security but if over a million devices are still out there unpatched, then they will most likely never be updated."
"Many have argued that by updating their operating system their bespoke software may not run anymore but the risks attached come with a far higher price tag should they have their data encrypted and back-ups lost.
"For example, I still know of a huge worldwide vehicle manufacturer who won't upgrade from Windows 7 to Windows 10 because their vehicles do not talk to their network on any other operating system."
Computing and CRN have united to present the Women in Tech Festival UK 2019, on 17 September in London.
The event will celebrate successful women in the IT industry, enabling attendes to hear about, and to share, personal experiences of professional journeys and challenges.
Whether you're the ‘Next Generation', an ‘Inspirational Leader', or an ‘Innovator of Tech' this event will offer inspiration on not only how to improve yourself, but how to help others too. The event is FREE for qualifying IT pros, but places will go fast