May 23 2017

Kaspersky: Almost All WannaCry Victims Used Windows 7

New tools help users decrypt data if they were infected by the ransomware attack.

When the WannaCry ransomware attack hit the world earlier this month, security experts assumed that it largely targeted users running Windows XP machines, since they did not receive a patch in March from Microsoft to protect vulnerabilities in Server Message Block.

However, researchers at Kaspersky Lab found that almost all of the users infected by WannaCry were running variants of Windows 7. The Verge reports: "According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections."

Yet, that makes sense, since Windows 7 is still the most popular desktop PC operating system. However, as New York magazine notes, "statistical insignificance doesn’t fully cover WannaCry’s impact. For instance, if one of those few XP machines is operating a vital service on Britain’s NHS system, that arguably has far greater implications than 100 Windows 7 users losing family photos."

Meanwhile, as The Wall Street Journal reports, security researchers have devised tools that may let some users gain access to their files if they were infected with the ransomware without having to pay the roughly $300 ransom. One tool, however, "only works for Windows XP and only if the machine has not been rebooted after the infection," ZDNet reports. And there are worries that hackers could use the Mirai botnet to spread WannaCry. So, the attack may not be over. 


Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.