UPDATED 22:39 EDT / SEPTEMBER 18 2019

SECURITY

Two years on, WannaCry ransomware is targeting more computers than ever

The infamous WannaCry ransomware that was thrust into the public spotlight in May 2017 is not only still around but also still targeting more computers than ever.

The finding comes from a report released today by security firm Sophos Group plc, which has found that two years on, modified WannaCry variants are still causing headaches for information technology administrators and security analysts. The research found that the WannaCry threat remains rampant, with millions of infection attempts stopped every month, and that though the original malware has not been updated, many thousands of variants are in the wild.

Indeed, the number of WannaCry variants is staggering: Sophos Labs has detected 12,480 variants of the original code to date. Some 2,700 samples, accounting for 98% of detections, have evolved to bypass the kill switch that brought the original WannaCry ransomware to a halt.

In August 2019 alone, Sophos telemetry detected 4.3 million instances of WannaCry. The number of different variants observed came in at 6,963. Of those, 5,555, or 80 percent, were new files.

Researchers did find that the way in which WannaCry infects new victims can provide users with protection. WannaCry variants check to see if a computer is already infected and, if so, move on to another target. An infection by an inert version of the malware therefore actually protects the device from being infected by active strains in the future. The researchers dub the process an “accidental vaccine.”

“The WannaCry outbreak of 2017 changed the threat landscape forever,” Peter Mackenzie, security specialist at Sophos, said in a statement. “Our research highlights how many unpatched computers are still out there, and if you haven’t installed updates that were released more than two years ago – how many other patches have you missed?”

In this case, he added, “some victims have been lucky because variants of the malware immunized them against newer versions. But no organization should rely on this. Instead, standard practice should be a policy of installing patches whenever they are issued, and a robust security solution in place that covers all endpoints, networks and systems.”

Image: Maxpixel
