It’s been two years since the initial WannaCry ransomware outbreak, but researchers are warning that hundreds of thousands of incidents are still being detected globally.  

New research from Malwarebytes claims more than 4,826,682 WannaCry detections have been identified since its first outbreak in May 2017. These detections have decreased substantially since first wreaking havoc, but have far from disappeared.

Eastern countries appear to be at the highest risk – with India (727,883), Indonesia (561,381), United States (430,643), Russia (356,146) and Malaysia (335,814) being the hardest hit countries.

Since April 1, 2019, detections have remained high in these countries - India (19,777), Indonesia (19,192) and the United States (3,325) – while the UK recorded only 41 incidents during the same time period.

Malwarebytes also warned that hundreds of thousands of systems are still vulnerable to EternalBlue, an exploit of Microsoft Windows that attacks SMB file-sharing services and was used to propagate and spread the WannaCry ransomware in 2017.

There are several steps we recommend to prevent being the next victim of a ransomware attack, first starting with a hardened workstation environment. Embracing system hardening will prevent malware activity where possible and will put obstacles in place for the attackers. Organizations like the Center for Internet Security and NIST provide system hardening guidance, but you’ll ultimately have to determine what’s right for your users.

Second, utilize solutions like File Integrity Monitoring to establish where vulnerabilities exist and the best remediation advice.

Third, it’s vitally important that all systems and software applications are up to date. This global attack is a sobering lesson in what happens when software vulnerabilities fall into the hands of criminals, but also, should serve as a wake-up call for those running out of date software and systems.

Read our latest whitepaper The Problem with Running Outdated Software to learn more.

Lastly, embrace change control. Make sure that patching is up to date as a further means of closing of exploitable vulnerabilities, but think about getting more structured. Change control is a key security best practice, and when done properly, makes a cyber-attack much easier to detect and head-off before any serious damage is done.


The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2023, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.