Home 5 years after the first WannaCry attack

5 years after the first WannaCry attack

May 12 — A full five years have passed since WannaCry first started to spread across corporate networks; jumping from one Windows system to the next. As the ransomware took hold of computers, files were held hostage, and users were instructed to provide Bitcoin payments in exchange for their safe return.

Why were hundreds of thousands of devices compromised by WannaCry? On account of the continued use of outdated systems, poor education around the need to update software, and poor patch management. The damage induced by WannaCry was in-fact largely avoidable.

WannaCry’s impact

More than 200,000 and possibly more than 300,000 devices suffered through WannaCry encryption. Major entities were affected by the attack, including critical healthcare organizations. WannaCry is estimated to have caused roughly $4 billion in damages.

Today’s ransomware landscape

Although the WannaCry ransomware is still in circulation, it is seldom seen. At this point, other ransomware types dominate the threat landscape, including those deployed by Conti, REvil and Lapsus$.

Across the past five years, experts have observed that ransomware attacker demands have increased. Ransom payments have escalated, with the average ransom demand topping $2.2 million. This represents a 144% increase over the prior year.

Organizations are still struggling to effectively prevent, identify and mitigate ransomware attacks. Although organizations may believe that they have adequate security strategies in place, the number of successful ransomware attacks that continue to occur suggest a different story.

Addressing ransomware now

Ensure that your organization works to prevent large-scale attacks, like WannaCry, from affecting you operations. If interested in ransomware prevention and defense insights, please review the following resources:

For further WannaCry insights, please be sure to see CyberTalk’s Lessons Learned and Carried Forward article. Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.