It’s been two years since the initial WannaCry ransomware outbreak, but researchers are warning that hundreds of thousands of incidents are still being detected globally.  

New research from Malwarebytes claims more than 4,826,682 WannaCry detections have been identified since its first outbreak in May 2017. These detections have decreased substantially since first wreaking havoc, but have far from disappeared.

Eastern countries appear to be at the highest risk – with India (727,883), Indonesia (561,381), United States (430,643), Russia (356,146) and Malaysia (335,814) being the hardest hit countries.

Since April 1, 2019, detections have remained high in these countries - India (19,777), Indonesia (19,192) and the United States (3,325) – while the UK recorded only 41 incidents during the same time period.

Malwarebytes also warned that hundreds of thousands of systems are still vulnerable to EternalBlue, an exploit of Microsoft Windows that attacks SMB file-sharing services and was used to propagate and spread the WannaCry ransomware in 2017.

There are several steps we recommend to prevent being the next victim of a ransomware attack, first starting with a hardened workstation environment. Embracing system hardening will prevent malware activity where possible and will put obstacles in place for the attackers. Organizations like the Center for Internet Security and NIST provide system hardening guidance, but you’ll ultimately have to determine what’s right for your users.

Second, utilize solutions like File Integrity Monitoring to establish where vulnerabilities exist and the best remediation advice.

Third, it’s vitally important that all systems and software applications are up to date. This global attack is a sobering lesson in what happens when software vulnerabilities fall into the hands of criminals, but also, should serve as a wake-up call for those running out of date software and systems.

Read our latest whitepaper The Problem with Running Outdated Software to learn more.

Lastly, embrace change control. Make sure that patching is up to date as a further means of closing of exploitable vulnerabilities, but think about getting more structured. Change control is a key security best practice, and when done properly, makes a cyber-attack much easier to detect and head-off before any serious damage is done.

 

Contact Us

USA Offices

New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]

 

UK Office

New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 Infosec Security Winners 2018 CIS benchmarking SEWP Sans Institute Now Certified IBM Security
Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.