WannaCry: How myths are destroyed
Monday, June 5, 2017
Employees of anti-virus company PR and marketing departments will long remember the week following the WannaCry attack (which started on May 12, a Friday). People asked lots of questions. In particular, some asked why Russia suffered the most from the attack.
Russia was the most affected country. Many computers in Ukraine, Japan, India and other countries were also infected.
It's hard to argue with statistics, and experts have come up with all sorts of explanations as to why so many machines in Russia were infected.
The first reason has to do with the level of software piracy. Everyone knows that software piracy is a common phenomenon in Russia. And people who use software illegally are very reluctant to install updates because they are afraid that their computers will be blocked.
The second reason is the low salaries of system administrators. Their employers just can't afford to pay them more. This, too, is understandable: many companies can't afford to hire competent system administrators.
The third reason is the inadequate organization of business processes, specifically with regards to outdated software being used on corporate computers and no updates being installed.
In Europe patches of this kind are applied within a month. In Russia it takes us an average of two to get that done.
Here, I think we can stop listing the problems we have in Russia and start exposing the truth.
While going about its work, WannaCry sends queries to a certain URL. The security expert known as MalwareTech registered the corresponding domain, and as a result Kryptos Logic, which controls the domain now, was able to analyse queries coming from the ransomware.
Kryptos Logic gathered statistics about the requests sent to the kill switch domain during the last two weeks—the security researchers registered around 14-16 million queries. It was stated previously that 50%-75% of Wannacry-infected machines resided in Russia, but the information gathered indicates that the highest number of infections occurred in China (6.2 million requests). It is followed by the USA (1.1 million), Russia (1 million), India (540,000), Taiwan (375,000), Mexico (300,000), Ukraine (238,000), the Philippines (231,000), Hong Kong (192,000), and Brazil (191,000d).
How did the enlightened USA outperform Russia? Because of a lower level of software piracy? The professionalism of system administrators? Or the quality of business procedures? We are waiting to hear what the experts have to say.
#Windows #malware #ransom #extortion #myth #damage #encryption_ransomware
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
Comments
Неуёмный Обыватель
03:53:17 2018-07-21
vasvet
10:32:59 2018-07-04