WannaCry ransomware is still the most widespread cryptor family and has hit almost 75,000 users as of Q3 2018, according to new research from Kaspersky Lab.
The firm discovered that since the WannaCry outbreak in May 2017 that cost the NHS £92m, the ransomware has affected 74,621 users across the globe and is still active one and half years on, accounted for 28% of all cryptor attacks in Q3 2018, a growth of more than two-thirds compared to Q3 2017.
“It is concerning to see that WannaCry attacks have grown by almost two-thirds compared to the third quarter of last year,” said David Emm, principal security researcher at Kaspersky Lab. “This is yet another reminder that epidemics don’t cease as rapidly as they begin – the consequences of these attacks are unavoidably long-lasting.”
Despite the WannaCry attacks highlighting the importance of patching to resist the EnternalBlue exploit that the ransomware leverages, Kaspersky Lab’s findings show that there still remain plenty of unpatched computers worldwide and that criminals continue to target them.
“Cyber-attacks of this type can be so severe that it’s necessary for companies to take adequate preventive measures before a cyber-criminal acts – rather than focus on recovery,” added Emm.
Kaspersky Lab’s advice for effective ransomware defense included:
- Updating your operating system to eliminate recent vulnerabilities and using a robust security solution with updated databases. It is also important to use a security solution that has specialized technologies to protect your data from ransomware
- If you have bad luck and all your files are encrypted with cryptomalware, it is not recommended to pay cyber-criminals, as it encourages them to continue their dirty business and infect more people’s devices. It is better to find a decryptor on the internet
- It is also important to always have fresh backup copies of your files to be able to replace them in case they are lost, and store them not only on the physical object but also in cloud storage for greater reliability
- To protect the corporate environment, educate your employees and IT teams, keep sensitive data separate, restrict access and always back up everything
- Last, but not least, remember that ransomware is a criminal offence. You shouldn’t pay. If you become a victim, report it to your local law enforcement agency