Undoubtedly the security story of 2017 was WannaCry, a ransomware attack that reached epidemic proportions. After several months of living and dealing with WannaCry, organizations and users finally implemented processes to minimize risks and thwart the attack. Or so they thought.
Security software developer Kaspersky Lab says WannaCry is back. While most would assume WannaCry has become a footnote in the history of cybercrime, that's not the case. The company describes the attack as a “museum piece” but still found 74,621 attacks during Q3 2018.
Not only is WannaCry still alive and kicking, it accounted for a third of all ransomware attacks (28.72%) during that period.
“Our statistics come from computers protected by our technologies, so no real damage occurred; our products have instantly repelled WannaCry from the start. However, the number of attempts to infect computers with this Trojan in 2018 suggests that someone out there is still actively using WannaCry. This would hardly be the case if there was nothing in it for cybercriminals — fools they are not. It means that they are still able to infect computers.”
The WannaCry ransomware cost companies hundreds of millions of dollars. It spread from a former NSA backdoor for Microsoft Windows. The company was criticized from various sides how it handled the outbreak. Microsoft held back a free repair update on Windows XP machines, instead reserving it for customers with custom support contracts. But the President of the Redmond giant, Brad Smith, has laid the responsibility for the massive hack at the feet of the U.S. government, saying they put the digital world in danger through their practice of “stockpiling vulnerabilities.”
Attack
Admittedly, the potency of WannaCry has been reduced as it can no longer spread across networks as it previously could. Yet, infections continue because users have not installed updates to fight off the attack.
Kaspersky Lab recommends the following steps to protect against WannaCry:
- Regularly update the operating systems on all computers on your network to the latest version. This will quickly patch fresh vulnerabilities.
- Use security solutions with dedicated antiransomware technologies. Our solutions, for example, feature a subsystem that, even if faced with a completely new threat, will protect data by rolling back any changes made by malware.
- Make regular backups of important information. It is a good idea to keep several copies in different places: for example, one on an isolated physical drive, another in the cloud.
- Continuously raise employee awareness about modern cyberthreats.
- If using security solutions from other vendors, consider beefing up your protection with our free Kaspersky Anti-Ransomware Tool, which is compatible with most third-party security products.