Oman Daily Observer

Wannacry is still alive hitting almost 75,000 users

- BUSINESS REPORTER MUSCAT, DEC 3

One and a half years after its epidemic, Wannacry ransomware tops the list of the most widespread cryptor families and the ransomware has attacked 74,621 unique users worldwide. These attacks accounted for 28.72 per cent of all users targeted by cryptors in Q3 2018.

The percentage has risen over the last year, demonstrat­ing more than two thirds growth against Q3 2017, when its share in cryptor attacks was 16.78 per cent. This is just one of the main findings from Kaspersky Lab’s Q3 IT threat evolution report.

A series of cyberattac­ks with Wannacry cryptor occurred in May 2017 and is still considered to be one of the biggest ransomware epidemics in history. Even though Windows released a patch for its operating system to close the vulnerabil­ity exploited by Eternalblu­e 2 months prior to the start of the attacks, Wannacry still affected hundreds of thousands devices around the globe. As cryptors do, Wannacry turned files on victims’ computers into encrypted data and demanded ransom for decryption keys (created by threat actors to decipher the files and transform them back into the original data) making it impossible to operate the infected device.

The consequenc­es of the Wannacry epidemic were devastatin­g: as the victims were mainly organisati­ons with networked systems — the work of businesses, factories and hospitals was paralysed. Even though this case demonstrat­ed the dangers cryptors pose, and most of PCS around the world have been updated to resist the Eternalblu­e exploit, the statistics show that criminals still try to exploit those computers that weren’t patched and there are still plenty of them around the globe.

Overall, Kaspersky Lab security solution protected 259,867 unique users from cryptors attacks, showing a substantia­l rise of 39 per cent since Q2 2018, when the figure was 158,921. The growth was rapid yet steady, with a monthly observed increase in the number of users.

“The rising share of Wannacry attacks is another reminder that epidemics don’t end as fast as they start — there are always long-running consequenc­es. In the case of cryptors, attacks can be so severe that it is necessary to take preventive measures and patch the device, rather than deal with encrypted files later,” said Fedor Sinitsyn, security researcher at Kaspersky Lab.

To reduce the risk of infection by Wannacry and other cryptors, users are advised to:

Always update your operating system to eliminate recent vulnerabil­ities and use a robust security solution with updated databases. It is also important to use the security solution that has specialise­d technologi­es to protect your data from ransomware, as Kaspersky Lab’s solutions do. Even if the newest yet unknown malware does manage to sneak through, Kaspersky Lab’s System Watcher technology is able to block and roll back all malicious changes made on a device, including the encryption of files.

If you have bad luck and all your files are encrypted with cryptomalw­are, it is not recommende­d to pay cybercrimi­nals, as it encourages them to continue their dirty business and infect more people’s devices. It is better to find a decryptor on the Internet — some of them are available for free here: https://noransom. kaspersky.com/

It is also important to always have fresh backup copies of your files to be able to replace them in case they are lost (e.g. due to malware or a broken device), and store them not only on the physical object but also in cloud storage for greater reliabilit­y (don’t forget to protect your cloud storage with strong hack-proof password!)

To protect the corporate environmen­t, educate your employees and IT teams, keep sensitive data separate, restrict access, and always back up everything.

Use a dedicated security solution that is powered by behaviour detection and able to roll back malicious actions. It should also include Vulnerabil­ity and Patch management features that automatica­lly eliminates vulnerabil­ities and installs updates. This reduces the risk of vulnerabil­ities in popular software being used by cybercrimi­nals.

Last, but not least, remember that ransomware is a criminal offence. You shouldn’t pay. If you become a victim, report it to your local law enforcemen­t agency.

The percentage has risen over the last year, demonstrat­ing more than two thirds growth against Q3 2017, when its share in cryptor attacks was 16.78 per cent

 ??  ?? Number of unique users attacked by cryptors, Q3 2018.
Number of unique users attacked by cryptors, Q3 2018.

Newspapers in English

Newspapers from Oman