It’s been two years since the initial WannaCry ransomware outbreak, but researchers are warning that hundreds of thousands of incidents are still being detected globally.  

New research from Malwarebytes claims more than 4,826,682 WannaCry detections have been identified since its first outbreak in May 2017. These detections have decreased substantially since first wreaking havoc, but have far from disappeared.

Eastern countries appear to be at the highest risk – with India (727,883), Indonesia (561,381), United States (430,643), Russia (356,146) and Malaysia (335,814) being the hardest hit countries.

Since April 1, 2019, detections have remained high in these countries - India (19,777), Indonesia (19,192) and the United States (3,325) – while the UK recorded only 41 incidents during the same time period.

Malwarebytes also warned that hundreds of thousands of systems are still vulnerable to EternalBlue, an exploit of Microsoft Windows that attacks SMB file-sharing services and was used to propagate and spread the WannaCry ransomware in 2017.

There are several steps we recommend to prevent being the next victim of a ransomware attack, first starting with a hardened workstation environment. Embracing system hardening will prevent malware activity where possible and will put obstacles in place for the attackers. Organizations like the Center for Internet Security and NIST provide system hardening guidance, but you’ll ultimately have to determine what’s right for your users.

Second, utilize solutions like File Integrity Monitoring to establish where vulnerabilities exist and the best remediation advice.

Third, it’s vitally important that all systems and software applications are up to date. This global attack is a sobering lesson in what happens when software vulnerabilities fall into the hands of criminals, but also, should serve as a wake-up call for those running out of date software and systems.

Read our latest whitepaper The Problem with Running Outdated Software to learn more.

Lastly, embrace change control. Make sure that patching is up to date as a further means of closing of exploitable vulnerabilities, but think about getting more structured. Change control is a key security best practice, and when done properly, makes a cyber-attack much easier to detect and head-off before any serious damage is done.

 

NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.