Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 7 MINUTES AGO.
You are here: Home / Network Security / WannaCry Hackers Still Attacking?
WannaCry Hackers Still Trying To Revive Attack, Says Accidental Hero
WannaCry Hackers Still Trying To Revive Attack, Says Accidental Hero
By Samuel Gibbs Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
22
2017
The "accidental hero" who registered a web address that became the so-called kill switch for WannaCry has said hackers are trying to overwhelm the site to resurrect the ransomware that plagued companies around the world.

The web address acts as a beacon for the malware, which if contactable tells WannaCry to cease and desist. In registering the domain name, a self-trained 22-year-old security expert from south-west England called Marcus Hutchins halted the spread of WannaCry by activating its kill switch.

Hackers are now trying to make Hutchins' domain unreachable using a distributed denial of service (DDoS) attack -- overwhelming it with traffic so that attempts to contact the domain by WannaCry go unanswered, thus de-activating the kill switch.

Hutchins has taken precautions to protect the domain from the DDoS attacks, which are using the Mirai botnet, switching to a cached version of the site that is capable of dealing with much higher traffic loads than the live site.

So far, the kill switch remains in operation, Hutchins says, which should help any computer systems that have not been updated or secured yet from falling foul of this strain of the WannaCry [aka WannaCrypt] attack.

A week after the WannaCry outbreak, analytics have revealed that, despite Windows XP grabbing the headlines due to its use in the NHS and other institutions, it was Windows 7 that was the worst affected by the ransomware.

According to data from cybersecurity firm Kaspersky, Windows 7 accounted for more than 98% of WannaCry infections, with Windows XP accounting for an “insignificant” volume of infections globally. The estimates are based on computers running the Kaspersky's security software, while data from BitSight indicated the number was lower but still significantly skewed towards Windows 7, with 67% of infections.

That Windows 7 accounted for the majority of WannaCry infections is not that surprising. Windows 7 is the most popular version of Microsoft's operating system, accounting for 46.23% of Windows computers globally, according to data from analytics firm Statcounter. Windows 10 accounts for 35.53% of PCs, while Windows 8.1 accounts for 9.56%. Windows XP accounts for only 5.36% of Windows computers globally.

While Windows XP does not receive publicly available security updates, machines running Windows 7 do and should have been protected against infection if they had been updated. Windows automatically updates itself for security and bug fixes unless otherwise instructed, which means the vast majority of WannaCry infections should have been preventable.

It highlights a problem found across both user and enterprise computer systems. Those who delay updates risk infection, but many put off updates for fear of breaking essential systems used or controlled by the PCs that need updating.

© 2017 Guardian Web under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.