It’s been two years since the initial WannaCry ransomware outbreak, but researchers are warning that hundreds of thousands of incidents are still being detected globally.  

New research from Malwarebytes claims more than 4,826,682 WannaCry detections have been identified since its first outbreak in May 2017. These detections have decreased substantially since first wreaking havoc, but have far from disappeared.

Eastern countries appear to be at the highest risk – with India (727,883), Indonesia (561,381), United States (430,643), Russia (356,146) and Malaysia (335,814) being the hardest hit countries.

Since April 1, 2019, detections have remained high in these countries - India (19,777), Indonesia (19,192) and the United States (3,325) – while the UK recorded only 41 incidents during the same time period.

Malwarebytes also warned that hundreds of thousands of systems are still vulnerable to EternalBlue, an exploit of Microsoft Windows that attacks SMB file-sharing services and was used to propagate and spread the WannaCry ransomware in 2017.

There are several steps we recommend to prevent being the next victim of a ransomware attack, first starting with a hardened workstation environment. Embracing system hardening will prevent malware activity where possible and will put obstacles in place for the attackers. Organizations like the Center for Internet Security and NIST provide system hardening guidance, but you’ll ultimately have to determine what’s right for your users.

Second, utilize solutions like File Integrity Monitoring to establish where vulnerabilities exist and the best remediation advice.

Third, it’s vitally important that all systems and software applications are up to date. This global attack is a sobering lesson in what happens when software vulnerabilities fall into the hands of criminals, but also, should serve as a wake-up call for those running out of date software and systems.

Read our latest whitepaper The Problem with Running Outdated Software to learn more.

Lastly, embrace change control. Make sure that patching is up to date as a further means of closing of exploitable vulnerabilities, but think about getting more structured. Change control is a key security best practice, and when done properly, makes a cyber-attack much easier to detect and head-off before any serious damage is done.


The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

USA Offices

New Net Technologies LLC
4850 Tamiami Trail, Suite 301
Naples, Florida, 34103

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]


UK Office

New Net Technologies Ltd
The Russell Building, West Common
Harpenden, Hertfordshire

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2022, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.